Static evaluation of Certificate Policies for GRID PKIs interoperability
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
OCSP for Grids: Comparing Prevalidation versus Caching
GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Globus toolkit version 4: software for service-oriented systems
NPC'05 Proceedings of the 2005 IFIP international conference on Network and Parallel Computing
An innovative policy-based cross certification methodology for public key infrastructures
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Using OGRO and certiver to improve OCSP validation for grids
GPC'06 Proceedings of the First international conference on Advances in Grid and Pervasive Computing
Benchmarking cloud security level agreements using quantitative policy trees
Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
The CloudGrid approach: Security analysis and performance evaluation
Future Generation Computer Systems
Hi-index | 0.00 |
In the last years several Grid Virtual Organizations -VOs- have been proliferating, each one usually installing its own Certification Authority and thus giving birth to a large set of different and possibly untrusted security domains. Nevertheless, despite the fact that the adoption of Grid Certification Authorities (CAs) has partially solved the problem of identification and authentication between the involved parties, and that Public Key Infrastructure (PKI) technologies are mature enough, we cannot make the same assumptions when untrusted domains are involved. In this paper we propose an architecture to face the problem of secure interoperability among untrusted Grid-domains. Our approach is based on building a dynamic federation of CAs, formed thorough the quantitative and automatic evaluation of their Certificate Policies. In this paper we describe the proposed architecture and its integration into Globus Toolkit 4.