Shibboleth Access for Resources on the National Grid Service (SARoNGS)

The national grid service (NGS) provides access to compute and data resources for UK academics. Currently users are required to have an X.509 certificate from the UK e-science certification authority (CA) or one of its international peers to access the NGS. The CA must satisfy the requirements for internationally agreed assurance levels and some users find the processes of obtaining and managing certificates difficult. Shibboleth, an implementation of federation identity based authentication, has been widely deployed in academic environments in the UK. The SARoNGS project, was proposed to integrate the Shibboleth and X.509 based infrastructures, to deliver a production level service for accessing the NGS in a user friendly way. This paper describes an architecture by which users are authenticated by the UK access management federation to acquire low assurance credentials to access Grid resources on the NGS. Users can login to NGS resources via NGS portal, using their local institution´s authentication system.