• DocumentCode
    1827900
  • Title

    A Concept for Grid Credential Lifecycle Management and Heuristic Credential Abuse Detection

  • Author

    Kunz, Christopher ; Wiebelitz, Jan ; Piger, Stefan ; Grimm, Christian

  • Author_Institution
    Regional Comput. Center for Lower Saxony, Leibniz Univ. Hannover, Hannover, Germany
  • fYear
    2009
  • fDate
    June 30 2009-July 4 2009
  • Firstpage
    245
  • Lastpage
    248
  • Abstract
    In modern grids, authentication is usually implemented via an X.509 PKI (public key infrastructure). Proxy certificates are employed to facilitate interaction with the grid, especially for purposes of delegation and single sign-on. We propose modifications to the grid security infrastructure that allow reporting of proxy usage information to a database, giving the end user an opportunity to review by whom and for which purpose his credentials were used. By means of a standardized protocol for certificate revocation, they can then revoke affected proxies and stop abuse.
  • Keywords
    database management systems; grid computing; message authentication; public key cryptography; GSI; PKI; database information; grid credential lifecycle management; grid security infrastructure; heuristic credential abuse detection; message authentication; proxy certificate; proxy usage information; public key infrastructure; Authentication; Authorization; Concurrent computing; Data security; Databases; Distributed computing; Grid computing; Information security; Middleware; Public key; Grid; PKI; X.509; abuse detection; auditing; proxy certificate;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Parallel and Distributed Computing, 2009. ISPDC '09. Eighth International Symposium on
  • Conference_Location
    Lisbon
  • Print_ISBN
    978-0-7695-3680-4
  • Type

    conf

  • DOI
    10.1109/ISPDC.2009.28
  • Filename
    5284347
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1827900