A Concept for Grid Credential Lifecycle Management and Heuristic Credential Abuse Detection
2009 Eighth International Symposium on Parallel and Distributed Computing
Pub Date : 2009-06-30
DOI:10.1109/ISPDC.2009.28
引用次数: 3
Abstract
In modern Grids, authentication is usually implemented via an X.509 PKI (Public Key Infrastructure). Proxy certificates are employed to facilitate interaction with the Grid, especially for purposes of delegation and single sign-on. We propose modifications to the Grid Security Infrastructure that allow reporting of proxy usage information to a database, giving the end user an opportunity to review by whom and for which purpose his credentials were used. By means of a standardized protocol for certificate revocation, they can then revoke affected proxies and stop abuse.网格证书生命周期管理和启发式证书滥用检测的概念
在现代网格中,身份验证通常是通过X.509 PKI(公钥基础设施)实现的。代理证书用于促进与网格的交互,特别是用于委托和单点登录。我们建议修改网格安全基础设施,允许向数据库报告代理使用信息,让最终用户有机会查看谁使用了他的凭据,以及为什么使用了他的凭据。通过证书撤销的标准化协议,他们可以撤销受影响的代理并停止滥用。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文
求助全文
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
