Dedicated to covering high-end cloud computing
in science, industry and the datacenter
February 20, 2006
Ping Identity Debuts Standalone WS-Trust Security Token Server
Applications depend on user-level identity to protect critical resources, generate audit trails for regulatory compliance and support user-based billing. However, Web Services and SOA have lacked standards-based mechanisms for enabling trusted user identity, making these important functions difficult -- if not impossible -- without introducing proprietary application-level extensions that breach Web Services principles and introduce questionable security.
PingTrust builds on two open security standards that set the stage for true interoperability and a solution that scales. OASIS Web Services Security 1.0 (formerly WS-Security) allows for the embedding of security tokens in SOAP messages, while WS-Trust establishes a mechanism for obtaining and validating tokens from a Security Token Service (STS). PingTrust is such an STS. It supports both .NET and Java applications, Web-based and rich clients. PingTrust can operate on the Web Services Client-side, Provider-side or both sides of a Web Service transaction.
"With PingTrust, the concept of user session no longer ends at the application a user originally logs into, either directly or via federation," commented Patrick Harding, chief technical officer of Ping Identity. "Instead, user session and identity now follow SOAP messages wherever they may go throughout the SOA."
"By supporting WS-Trust, Ping Identity is providing a Security Token Service that can participate in the Identity Metasystem. This enables identity information to be exchanged using industry standard Web services, regardless of the underlying platforms," said Michael Stephenson, director of identity and access at Microsoft. "We look forward to Ping's products interoperating with Microsoft technologies, including .NET, Active Directory and the upcoming 'InfoCard' technology."
Using PingTrust, a Web Services client can exchange the security token being used in the local security domain, such as a Kerberos ticket, for a SAML token that represents the original user's identity in other federated security domains, including those at other companies. After being bound into a SOAP message and delivered to a Web Services Provider, the Provider will know who originated the request and will be able to use that information in determining how to process the request.
"Ping has leveraged the insights of Fidelity Investments as a design partner to create its market-leading Security Token Server for Web Services security and federated Web Services," said Dave Power, partner at Fidelity Investments.
PingTrust is a lightweight, standalone, modular product that:
- Provides out-of-the-box support for several token types including SAML 1.1 and SAML 2.0, x.509, Kerberos and username/password, and is extensible to support custom tokens.
- Provides a Web-based console for 100 percent GUI configuration.
- Moves identity-related security and cryptography code out of applications by consolidating security token processing into a centralized, shared server.
- Aggregates trust management to dramatically simplify administration.
- Does not require a heavyweight identity management system.
Related Articles
EcoFactor Powers XFINITY Home EcoSaver Service by Comcast
SLA-Aware Scheduling and Virtual Efficiency
IBM Unveils Industry's First Cloud Suites for the Entire C-Suite
Tradier Chooses NASDAQ OMX FinQloud to Build 'Cloud Brokerage in a Box'
Discussion
There are 0 discussion items posted.
|
Join the Discussion |
RSS Feeds
Feeds by Topic
Feeds by Content Type
Subscribe to All Content
This Week's Headlines
Most Read Features
- CERN, Google, and the Future of Global Science Initiatives
- Avoiding Scientific Computing Bottlenecks in the Cloud
- Research Roundup: Toward a More Efficient Cloud
- Overcoming the Cloud Security Barrier for Financial Services
- The Science Cloud Cometh
- CometCloud: Using a Federated HPC-Cloud to Understand Fluid Flow in Microchannels
- DDN, University College of London Aim at 100PB Research Network
- Floating Genomics to the Cloud with AWS
Most Read Around the Web
- HPC and the True Cost of Cloud
- Running Computational Fluid Dynamics in the Cloud
- NASA Builds 'Climate in a Box'
- In Support of Cloud-based Rendering
- Internet2 Awards Program Seeks Innovative Applications
- Throwing Cancer on the BonFIRE
- Running Stochastic Models on HTCondor
- IBM Acquires SoftLayer
Most Read This Just In
- Dell to Deliver Public Cloud Through Partner Ecosystem
- OpenNebula 4.0 Released
- Fujitsu Announces Vertically Integrated Virtualization and Cloud Platform
- AWS Direct Connect Service Now Available in Equinix Seattle Datacenters
- Riverbed Recognized for WAN Optimization Controllers in Gartner Magic Quadrant
- VMware Announces vCloud Hybrid Service
- Spotify and NASA Join Strong Keynote Program at Cloud World Forum
- Internet2 Establishes Direct Peering to Microsoft Cloud Services
- Leading Internet Experts Focus on Innovation at European Networking Conference
- Cloud-Ready GlusterFS 3.4 Beta Now Available
Feature Articles
SLA-Aware Scheduling and Virtual Efficiency
Researchers from the Suddhananda Engineering and Research Centre in Bhubaneswar, India developed a job scheduling system, which they call Service Level Agreement (SLA) scheduling, that is meant to achieve acceptable methods of resource provisioning similar to that of potential in-house systems. They combined that with an on-demand resource provisioner to ensure utilization optimization of virtual machines.
Read more...
CloudSigma CEO Elaborates on Science Cloud
Experimental scientific HPC applications are continually being moved to the cloud, as covered here in several capacities over the last couple of weeks. Included in that rundown, Co-founder and CEO of CloudSigma Robert Jenkins penned an article for HPC in the Cloud where he discussed the emergence of cloud technologies to supplement research capabilities of big scientific initiatives like CERN and ESA (the European Space Agency)...
Read more...
Examining Questions of Virtualization and Security in the Cloud
When considering moving excess or experimental HPC applications to a cloud environment, there will always be obstacles. Were that not the case, the cost effectiveness of cloud-based HPC would rule the high performance landscape. Jonathan Stewart Ward and Adam Barker of the University of St. Andrews produced an intriguing report on the state of cloud computing, paying a significant amount of attention to the problems facing cloud computing.
Read more...
Short Takes
Datapipe and Verne Global's Green Cloud
Jun 17, 2013 |
With that in mind, Datapipe hopes to establish themselves as a green-savvy HPC cloud provider with their recently announced Stratosphere platform. Datapipe markets Stratosphere as a green HPC cloud service and in doing so partnering with Verne Global and their Icelandic datacenter, which is known for its propensity in green computing.
Read more...
IBM's Guide to Cloud Based HPC
Jun 12, 2013 |
Cloud computing is gaining ground in utilization by mid-sized institutions who are looking to expand their experimental high performance computing resources. As such, IBM released what they call Redbooks, in part to assist institutions’ movement of high performance computing applications to the cloud.
Read more...
OpenStack and the SDSC Research Cloud
Jun 06, 2013 |
The San Diego Supercomputer Center launched a public cloud system for universities in the area designed specifically to run on commodity hardware with high performance solid-state drives. The center, which currently holds 5.5 PB of raw storage, is open to educational and research users in the University of California.
Read more...
Sponsored Whitepapers
Best Practices in Big Data Storage
05/10/2013 | Cleversafe, Cray, DDN, NetApp, & Panasas | From Wall Street to Hollywood, drug discovery to homeland security, companies and organizations of all sizes and stripes are coming face to face with the challenges – and opportunities – afforded by Big Data. Before anyone can utilize these extraordinary data repositories, however, they must first harness and manage their data stores, and do so utilizing technologies that underscore affordability, security, and scalability.
Exploring the Potential of Heterogeneous Computing
04/02/2012 | AMD | Developers today are just beginning to explore the potential of heterogeneous computing, but the potential for this new paradigm is huge. This brief article reviews how the technology might impact a range of application development areas, including client experiences and cloud-based data management. As platforms like OpenCL continue to evolve, the benefits of heterogeneous computing will become even more accessible. Use this quick article to jump-start your own thinking on heterogeneous computing.
Sponsored Multimedias
Newsletters
HPC Job Bank
- Principal Software Research Engineer, Informatics
Pervasive Technology Institute at Indiana Univ - Network Engineer
NCSA - Associate Project Manager
NCSA - HPC UNIX/Storage System Administrator
Oak Ridge National Laboratory-UT Battelle - Systems Administrator I
Texas Advanced Computing Center - Senior Software Engineer
Texas Advanced Computing Center - Visit the HPCwire Job Bank
Featured Events
- June 26, 2013
- June 27, 2013
Cloud World Forum
London,
United Kingdom
- July 22, 2013
- July 25, 2013
XSEDE13: Gateway to Discovery
San Diego, CA
United States
- September 09, 2013
- September 09, 2013
10th Annual HPC for Wall Street
New York City, NY
United States
- November 17, 2013
- November 22, 2013
SC'13
Denver, CO
United States
