Audited credential delegation: A sensible approach to grid authentication

Author

Beckles, Bruce ; Haidar, Ali N. ; Zasada, Stefan ; Coveney, P.V.

Author_Institution

Univ. of Cambridge Comput. Service, Cambridge, UK

fYear

2009

fDate

9-11 Dec. 2009

Firstpage

19

Lastpage

30

Abstract

If the authentication process in a computational grid environment is difficult for end-users, they will either be unable to use the system at all, or, in their attempts to circumvent the aspects of the authentication process which they find Â¿difficultÂ¿, they will probably increase the likelihood of a security compromise of the system. In this paper we examine a proposed authentication architecture, audited credential delegation (ACD), that uses the familiar username/password paradigm to improve the usability (and so the security) of the authentication process in these environments. We report on a usability trial of this architecture in which it is compared to the traditional PKI-based authentication used in many existing computational grid environments. We also discuss how this architecture suggests that computational grid resource providers (and potentially the Certificate Authorities accepted by these providers) need to rethink their Â¿one digital certificate = one userÂ¿ security model.

Keywords

public key cryptography; PKI based authentication; audited credential delegation; authentication architecture; computational grid environment; grid authentication sensible approach; password paradigm; username paradigm; Authentication; Computer architecture; Conferences; Distributed computing; Grid computing; Investments; Protection; Public key; Security; Usability;

fLanguage

English

Publisher

ieee

Conference_Titel

E-Science Workshops, 2009 5th IEEE International Conference on

Conference_Location

Oxford

Print_ISBN

978-1-4244-5946-9

Type

conf

DOI

10.1109/ESCIW.2009.5407980

Filename

5407980