The Clarens web services architecture

Clarens is a uniquely flexible web services infrastructure providing a unified access protocol to a diverse set of functions useful to the HEP community. It uses the standard HTTP protocol combined with application layer, certificate based authentication to provide single sign-on to individuals, organizations and hosts, with fine-grained access control to services, files and virtual organization (VO) management. This contribution describes the server functionality, while client applications are described in a subsequent talk.Comment: Talk from the 2003 Computing in High Energy and Nuclear Physics (CHEP03), La Jolla, Ca, USA, March 2003, 6 pages, LaTeX, 4 figures, PSN MONT00

Access to Online Resources: A Guide for the Modern Librarian

access management; online resources; library technology; access protocols; identity management; authentication; authorisation; troubleshooting; SAM

The process of building an admin dashboard user interface

MariaDB Corporation Ab is a global software vendor that develops and contributes to the well-known open source MySQL database which was forked and managed by the MariaDB Foundation. The company is specializing in developing solutions arounds MariaDB server. MaxScale, a database proxy open source project which is one of the core components of MariaDB Platform helping to extend the availability, scalability and security of MariaDB Server. MaxScale provides a command line administrative client tool called maxctrl that internally uses REST API to configure MaxScale at runtime. This thesis is established due to the need of developing an alternative solution to maxctrl which is a web browser application that operates as an admin dashboard user interface. The application should allow to configure MaxScale in a visually appealing, intuitive and user-friendly way. It will be built by using Vue.js framework along with its support plugins and libraries such as Vue Router, Vuex, Vuetify and so on. Though this is a graphical user interface product-oriented thesis, it will not include all development processes in terms of user interface such as prototype designs, user experience designs and user story due to confidential information of the company. Therefore, the primary objectives of this thesis can be divided into three categories comprise of setting up developer’s working environment, improving MaxScale REST API for using in web application in terms of MaxScale user authentication, implementing the authentication user interface page

INTEGRASI CENTRAL AUTHENTICATION SERVICE (CAS) DENGAN FREERADIUS SEBAGAI SINGLE-SIGN-ON

The evolution of information technology has made lots of organizations use web-based applications to improve their work performance. Using two or more web-based applications in an organization makes users have to remember more than one account to log in to the websites. This is certainly ineffective, and it takes technology that can make users to access all existing web applications using one account. The technology commonly used is the Single-Sign-On (SSO) technology. In this study, the Single-Sign-On protocol that was developed was the Central Authentication Service or CAS. To implement a centralized authentication system, FreeRADIUS is used as an authentication server and authentication protocol. To make both technologies work, this study will explain how to integrate SSO with CAS protocol as SSO and FreeRADIUS as authentication server, to create SSO based on CAS and FreeRADIUS. Success is determined in the login and logout process. After the user has logged into the SSO portal, the user can access all existing web applications. Keywords - Central Authentication Service (CAS), FreeRADIUS, Single-Sign-On (SSO)

Prevention of Online Transaction Using MAC Address of the Machine, OTP Two Layer Model to Identify Legitimate User

E-shopping changed the world of selling and buying the products. With the Increase in technology and availability of resources on just one click modify the style of shopping, business, buying and selling. Use of online transaction to buy the products and conducting e- payments increasing day by day. Users now prefer to buy things and conduct shopping activities by just clicking from their machine. Trend of online shopping involved the online payments, involvement of online transactions enhance the use of credit cards, debit cards etc. The involvement of online payment is providing the facility to user and also providing the opportunity to fraudster took benefit of this to commit frauds like hacking of payment and transfer of money to some other accounts etc. The proposed model provided in this paper identify the user with the help of two layer model. The proposed model focus on the identification of user through MAC address of the machine used by the user to carry out the transaction process. With the concept that user’s mostly use the same machine to carry out the transactions. Keywords: Online shopping, cookies, MAC Address, OTP, Online fraud, identify theft, E-shopping, Online transaction

Greenpass RADIUS Tools for Delegated Authorization in Wireless Networks

Dartmouth\u27s Greenpass project extends how public key cryptography can be used to secure the wireless LAN with a RADIUS (Remote Authentication Dial In User Service) server that is responsible for handling authentication requests from clients (called supplicants in the 802.1x authentication model). This thesis describes the design and implementation of the authentication process of Greenpass, specifically what decisions are made in determining who is granted access and how a small modification of already existing protocols can be used to provide guest access in a way that better reflects how delegation of authority works in the real world. Greenpass takes advantage of the existing PKI to authenticate local Dartmouth users via X.509 identity certificates using EAP-TLS. We use the flexibility of SPKI/SDSI (Simple Public Key Infrastructure/Simple Distributed Security Infrastructure) authorization certificates to distribute the responsibility of delegating access to guests to certain authorized delegators, avoiding some of the necessary steps and paperwork associated with having a large centralized entity responsible for the entire institution. This thesis also discusses how our solution can be adapted to support different methods of guest delegation and investigates the possibility of eliminating the cumbersome central entity and administrative overhead traditionally associated with public key cryptography