Audited credential delegation - a user-centric identity management solution for computational grid environments

Haidar, A. N. and Zasada, S. J. and Coveney, P. V. and Abdallah, A. E. and Beckles, B. (2010) Audited credential delegation - a user-centric identity management solution for computational grid environments. In: Information Assurance and Security (IAS), 2010 Sixth International Conference. IEEE Conference Publications, pp. 222-227. ISBN 978-1-4244-7409-7

Full text not available from this repository. (Request a copy)

Abstract

One major problem faced by end-users and administrators of computational grid environments arise in connection with the usability of the security mechanisms usually deployed in these environments, in particular identity management. Many of the existing computational grid environments use Public Key Infrastructure (PKI) and X.509 digital certificates as a corner stone for their security architectures. However, security solutions based on PKI have to be usable to be effective otherwise they will not provide the intended protection. This paper presents the Audited Credential Delegation (ACD), a user-centric security identity management solution that accommodates users and resource providers security requirements including authentication, authorisation and auditing security goals from the design level. The proposed architecture removes any association between users and digital certificates, which is the source of the grid usability problem, while addressing resource providers concerns with regards to accountability. A prototype of this architecture has been implemented in Java and Web Services technologies using the recommendations of the Open Web Application Security consortium (OWASP) for developing secure software. It is currently being tested on TeraGrid, NGS and DEISA grid infrastructures and a detailed usability study is underway.

Item Type: Book Section
Uncontrolled Keywords: Logic gates, Authentication, Authorization, Servers, Usability, Middleware ,National Grid Service, audited credential delegation, computational grid environments, security mechanisms, public key infrastructure, X.509 digital certificates, ACD, user-centric security identity management, resource provider security, authorisation, authentication, grid usability problem, Java, Web services, open Web application security consortium, OWASP, TeraGrid, NGS, DEISA grid infrastructures
Subjects: G400 Computer Science
Divisions: Faculty of Computing, Engineering and the Built Environment
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology > Cyber Security
UoA Collections > UoA11: Computer Science and Informatics
Depositing User: Oana-Andreea Dumitrascu
Date Deposited: 06 Apr 2017 14:35
Last Modified: 06 Apr 2017 14:35
URI: http://www.open-access.bcu.ac.uk/id/eprint/4207

Actions (login required)

View Item View Item

Research

In this section...