Using an Intel Galileo board as a Hardware Token Server

Not scheduled
15m
OIST

OIST

1919-1 Tancha, Onna-son, Kunigami-gun Okinawa, Japan 904-0495
poster presentation Track6: Facilities, Infrastructure, Network

Speaker

Jan Justinus Keijser (NIKHEF)

Description

The Intel Galileo Arduino board is a low cost, low power 32bit Pentium-class computer. It is normally used for embedded devices but it can also run a full-blown version of Linux. Grid security can be greatly enhanced using hardware token for two-factor authentication. Two-factor autentication is based on the idea that in order to obtain access you need both something you know (i.e. a password) and something you possess (i.e. a hardware token). Pilot job security is improved by storing the pilot job grid certificate/private key pair on such a hardware token. In the Netherlands we use SafeNet eToken PRO's for generating and storing private keys for robot services. Typically, robot hardware tokens are inserted into server-class systems inside a data center for maximum security. This research was done to address the power consumption issue of such server-class systems. An Intel Galileo board typically draws 5 W of power, which is less than even the most energy efficient Atom-based server. As part of this research we built a 32bit version of CentOS 7, tuned specifically to run on the Galileo board. On top of this we installed and configured the hardware token drivers and the 'myproxy' software needed to upload robot grid proxies to a Globus MyProxy or Dirac Proxy store. Next to the poster a live demonstration of the Galileo+eToken setup is shown.

Primary author

Presentation materials