EGI Document 2981-v1

Security toolset release for BBMRI-ERIC

Document #:
Document type:
Submitted by:
Gergely Sipos
Updated by:
Gergely Sipos
Document Created:
17 Nov 2016, 11:32
Contents Revised:
17 Nov 2016, 11:32
Metadata Revised:
18 Nov 2016, 11:21
Viewable by:
  • Public document
Modifiable by:

Quick Links:
Latest Version

This deliverable describes the security toolset for BiobankCloud and the extensions performed in EGI-Engage since M6.2 (Security and privacy requirements and secure storage architectural design are agreed) from February 2016. BiobankCloud builds on a Hadoop distribution, called Hops (, which was developed in the BiobankCloud project, to provide scalable storage and processing for genomic and Biobank data. BiobankCloud provides a web-based user interface for accessing and processing data stored in Hops that already provides 2-factor authentication. In this deliverable, we present extensions to support federated authentication with Shibboleth, which will enable easier integration of BiobankCloud in large organizations that run Shibboleth (such as EGI, universities, and Biobanks). Our solution is based on implementing an Apache webserver as a service provider (SP) that facilitates authentication with a Shibboleth Identity Provider (IDP) and as a proxy-frontend to BiobankCloud. We also integrate our shibboleth extensions with both the UI (Hopsworks) and our platform for automated installation based on Karamel and Chef.
Files in Document:

DocDB, Contact: Document Database Administrators