解决网格环境中的凭证撤销问题

The 6th IEEE/ACM International Workshop on Grid Computing, 2005. Pub Date : 2005-11-13 DOI:10.1109/GRID.2005.1542764

B. Sundaram, B. Chapman

{"title":"解决网格环境中的凭证撤销问题","authors":"B. Sundaram, B. Chapman","doi":"10.1109/GRID.2005.1542764","DOIUrl":null,"url":null,"abstract":"Credential revocation is a critical problem in grid environments and remains unaddressed in existing grid security solutions. We present our ongoing work in designing a novel grid authentication system, based on Globus GSI, that solves the revocation problem. The focus of this work is to ensure instantaneous revocation of both long-term digital identities of hosts/users and short-lived identities of user proxies. Our system employs mediated RSA (mRSA), adapts Boneh's notion of semi-trusted mediators to suit security in virtual organizations and propagates proxy revocation information as in Micali's NOVO-MODO system. We envision that our system would additionally provide a configuration-free security model for end users and fine-grained management of user credentials.","PeriodicalId":347929,"journal":{"name":"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Addressing credential revocation in grid environments\",\"authors\":\"B. Sundaram, B. Chapman\",\"doi\":\"10.1109/GRID.2005.1542764\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Credential revocation is a critical problem in grid environments and remains unaddressed in existing grid security solutions. We present our ongoing work in designing a novel grid authentication system, based on Globus GSI, that solves the revocation problem. The focus of this work is to ensure instantaneous revocation of both long-term digital identities of hosts/users and short-lived identities of user proxies. Our system employs mediated RSA (mRSA), adapts Boneh's notion of semi-trusted mediators to suit security in virtual organizations and propagates proxy revocation information as in Micali's NOVO-MODO system. We envision that our system would additionally provide a configuration-free security model for end users and fine-grained management of user credentials.\",\"PeriodicalId\":347929,\"journal\":{\"name\":\"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.\",\"volume\":\"42 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-11-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/GRID.2005.1542764\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The 6th IEEE/ACM International Workshop on Grid Computing, 2005.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/GRID.2005.1542764","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

证书撤销是网格环境中的一个关键问题，在现有的网格安全解决方案中仍未得到解决。本文介绍了基于Globus GSI的新型网格认证系统的设计工作，该系统解决了吊销问题。这项工作的重点是确保主机/用户的长期数字身份和用户代理的短期身份的即时撤销。我们的系统采用中介RSA (mRSA)，采用Boneh的半信任中介概念来适应虚拟组织的安全性，并像Micali的NOVO-MODO系统一样传播代理撤销信息。我们设想，我们的系统还将为最终用户提供一个无需配置的安全模型，并对用户凭证进行细粒度管理。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Addressing credential revocation in grid environments

Credential revocation is a critical problem in grid environments and remains unaddressed in existing grid security solutions. We present our ongoing work in designing a novel grid authentication system, based on Globus GSI, that solves the revocation problem. The focus of this work is to ensure instantaneous revocation of both long-term digital identities of hosts/users and short-lived identities of user proxies. Our system employs mediated RSA (mRSA), adapts Boneh's notion of semi-trusted mediators to suit security in virtual organizations and propagates proxy revocation information as in Micali's NOVO-MODO system. We envision that our system would additionally provide a configuration-free security model for end users and fine-grained management of user credentials.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The 6th IEEE/ACM International Workshop on Grid Computing, 2005.

自引率

0.00%

发文量