For Grid professionals, managing credentials, certificates and private keys across multiple administrative domains can get pretty complicated and tough to scale. Increasingly, the community is leveraging MyProxy — an open source solution for managing x.509 PKI security credentials. MyProxy certificates provide single sign-on, and allow the user to easily unlock a private key and establish a proxy credential for use throughout the day in his/her Grid sessions.“One of the reasons we like to plug MyProxy in to different systems is to get closer to this holy grail of single sign-on, where a user doesn’t have different islands of single sign-on – a Grid single sign-on, a web single sign-on, a Kerberos single sign-on,” said Jim Basney, Senior Research Scientist with the National Center for Supercomputing Applications. “With one single sign-on, I can retrieve additional credentials for the different security protocols as required.” MyProxy was originally developed by Jason Novotny, Steve Tuecke and Von Welch in 2000.Basney added that as Grid evolves into enterprise, there is not a single security solution that’s going to fit in all cases.“To support secure collaboration, you need translation services and bridging services between different security mechanisms, protocols and credential formats,” said Basney. “I think we’re seeing a lot of good work in web services creating bridges between X.509 PKI credentials and SAML credentials.” Technology Industry