XSEDE Capability Delivery Plan for "VIS-03: Remote, Batch Visualization"
This capability is currently supported by the following 5 components:
|Component||User facing?||Component’s role in the capability|
|Service Provider Batch Processing Services||yes||The batch processing resources provided by XSEDE Service Providers (SPs) satisfy the use described in this use case.|
|XSEDE Single Sign-On Hub||yes||The XSEDE Single Sign-On Hub (SSO Hub) provides a single point-of-entry for remote terminal (command shell, aka SSH) sessions on XSEDE Service Provider (SP) resources that provide interactive login services. Users with an allocation on one or more SP resources may use an SSH client to login to the XSEDE SSO Hub with their XSEDE username and password and an XSEDE Duo code. (The SSO Hub requires two-factor authentication.) Once logged in, users can then login to an SP login service without needing to use the username and password assigned by the SP, which is typically different from the XSEDE username and password and unique to each SP.|
|Globus Toolkit GSISSH Client/Server||no||XSEDE Service Providers (SPs) who offer interactive login services do so using GSI-SSH, an SSH service with X.509 authentication support. This enables the XSEDE Single Sign-On Hub (SSO Hub) to use X.509 authentication to connect users to the SP's login servers, so SSO Hub users do not need to enter their SP-specific usernames and passwords.|
|XSEDE MyProxy||no||The XSEDE Single Sign-On Hub (SSO Hub) uses the MyProxy service to authenticate users logging in to the SSH Hub and to obtain a short-lived X.509 certificate for each user. This X.509 certificate is then used to authenticate the user to any SP login services he or she connects to from the SSO Hub.|
|AMIE||no||The AMIE messaging service is used to share user information (including X.509 identity data) between the XSEDE Central Database (XCDB) and XSEDE Service Providers (SPs) so that the SPs can configure their accounting systems to match XSEDE allocations and allocation groups and users can connect via the XSEDE SSO Hub.|