Security means different things to different people – service providers tend to employ different security protections for their services and there are many security models around. Normally, when we talk about security in Taverna we mean how you can authenticate to a secured service and invoke it from Taverna.
Java also has its ways for dealing with security. Please refer to the remaining questions in this section for an explanation on how this affects Taverna.
Taverna 2.x currently supports access to secure Web services that use HTTP Basic or WS-Security authentication with username and password.
Taverna also lets you invoke secured service that use HTTPS to protect the confidentiality of the traffic (the ones which URL starts with https:// instead of http://).
In addition, several Taverna plugins have been developed that enable Taverna to invoke secure services on grids (see also the FAQ section on Taverna and grids):
- caGrid – open source grid software infrastructure developed by the US NCI caBIG aimed at enabling multi-institutional cancer data sharing and analysis in the US – uses Taverna to link together their resources
- Europe’s leading grid computing project EGEE, piloted Taverna over EGEE gLite services
- European Model for Bioinformatics Research And Community Education (EMBRACE)
- Know-how Sharing Technology Based on ARC Services and Open Standards (KnowARC) developed prototype to use Taverna as direct interface to grid resources running ARC
- MOTEUR
- Netherlands BioInformatics Centre (NBIC)
- Grids for Industrial Product Development (SIMDAT)
- JSDL plugin for Taverna 1.7.x that allows you to submit jobs from within a workflow to a grid using GridSAM
Taverna Workbench 2.x also has the Credential Manager built in, a utility for safe-keeping your credentials (passwords and certificates) and certificates of trusted services you use in your workflows.
We are aware that there are many other models for securing services, which we will support if our user community needs it. If you are a Taverna user trying to use a secure Web service implemented using a security model other than those described in this FAQ section please contact us via the taverna-users mailing list.
