Security Middleware for Science Gateways

Custos features include user identity and access management, tenant profile management, resource secrets management, and groups and sharing management.

View on Github
Why use Custos?

Protect Your Scientific Community From Cybersecurity Threats

The goals of the Custos project are to provide these services to a wide range of science gateway frameworks, providing the community with an open source, transparent, and reviewed code base for common security operations; and to operate trustworthy security services for the science gateway community using this software base.

Federated Authentication
Custos will enable Science Gateways to seamlessly integrate with CILogon thus enabling federated authentication with more than 3,000 identity providers.
Resource Secrets Management
Custos provides secured storage engine capabilities by integrating with Vault. Supports user and resource credential manamgenent including SSH keys.
Collaboration through groups and sharing
Custos enables Collaborations through implementation of hierarchical groups and sharing of digital artifacts between entities.
Analyze, Audit and Triage
Custos provides access to user level analytics and audit logs through an administrative portal interface.
Use cases

Initial driving Use cases: Science Gateway Security

Custos software is initially being seeded by a federal grant from the US National Science Foundation to a team of developers from CILogon, Galaxy and Apache Airavata projects. Initial team comprises of science gateway clients, science gateway middleware developers, and cybersecurity experts.

Seed Funding