Title :
A Concept for Grid Credential Lifecycle Management and Heuristic Credential Abuse Detection
Author :
Kunz, Christopher ; Wiebelitz, Jan ; Piger, Stefan ; Grimm, Christian
Author_Institution :
Regional Comput. Center for Lower Saxony, Leibniz Univ. Hannover, Hannover, Germany
fDate :
June 30 2009-July 4 2009
Abstract :
In modern grids, authentication is usually implemented via an X.509 PKI (public key infrastructure). Proxy certificates are employed to facilitate interaction with the grid, especially for purposes of delegation and single sign-on. We propose modifications to the grid security infrastructure that allow reporting of proxy usage information to a database, giving the end user an opportunity to review by whom and for which purpose his credentials were used. By means of a standardized protocol for certificate revocation, they can then revoke affected proxies and stop abuse.
Keywords :
database management systems; grid computing; message authentication; public key cryptography; GSI; PKI; database information; grid credential lifecycle management; grid security infrastructure; heuristic credential abuse detection; message authentication; proxy certificate; proxy usage information; public key infrastructure; Authentication; Authorization; Concurrent computing; Data security; Databases; Distributed computing; Grid computing; Information security; Middleware; Public key; Grid; PKI; X.509; abuse detection; auditing; proxy certificate;
Conference_Titel :
Parallel and Distributed Computing, 2009. ISPDC '09. Eighth International Symposium on
Conference_Location :
Lisbon
Print_ISBN :
978-0-7695-3680-4
DOI :
10.1109/ISPDC.2009.28
