The Virtual Organization Membership Service enables Virtual Organization access control in distributed services.
It's at the core of the WLCG authorization stack and is used daily to authorize access to storage and computing resources used by thousands scientists worldwide.
28 October 2020
The VOMS 10-20 release ports all major VOMS components to CENTOS 7 and provides updates and bug fixesRead more
In a nutshell, VOMS provides the tools to enable Virtual Organizations and attribute-based authorization in distributed contexts.
VOMS supports a rich registration process compliant with the EGI policies on VO registration services. Users can be organized in groups and can be assigned roles and other types of attributes.
VOMS clients are used to request a signed token (an Attribute Certificate compliant with RFC 3281) from a VOMS server. This token carries the attributes that a person holds in a certain VO, and is usually embedded inside an X509 Proxy Certificate. The proxy certificate is used to drive authentication and authorization decisions when accessing third party services.
VOMS APIs come in Java and C/C++ bindings and enable easy integration of VOMS-based authorization in existing services.