Interoperable grid PKIs among untrusted domains: an architectural proposal

Authors:
Valentina Casola;Jesus Luna;Oscar Manso;Nicola Mazzocca;Manel Medina;Massimiliano Rak
Affiliations:
University of Naples, Italy;Universitat Politècnica de Catalunya, Spain;Universitat Politècnica de Catalunya, Spain;University of Naples, Italy;Universitat Politècnica de Catalunya, Spain;Second University of Naples, Italy
Venue:
GPC'07 Proceedings of the 2nd international conference on Advances in grid and pervasive computing
Year:
2007

Citing 6
Cited 2

Static evaluation of Certificate Policies for GRID PKIs interoperability

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
On-demand Trust Evaluation

GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
OCSP for Grids: Comparing Prevalidation versus Caching

GRID '06 Proceedings of the 7th IEEE/ACM International Conference on Grid Computing
Globus toolkit version 4: software for service-oriented systems

NPC'05 Proceedings of the 2005 IFIP international conference on Network and Parallel Computing
An innovative policy-based cross certification methodology for public key infrastructures

EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
Using OGRO and certiver to improve OCSP validation for grids

GPC'06 Proceedings of the First international conference on Advances in Grid and Pervasive Computing

Benchmarking cloud security level agreements using quantitative policy trees

Proceedings of the 2012 ACM Workshop on Cloud computing security workshop
The CloudGrid approach: Security analysis and performance evaluation

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

In the last years several Grid Virtual Organizations -VOs- have been proliferating, each one usually installing its own Certification Authority and thus giving birth to a large set of different and possibly untrusted security domains. Nevertheless, despite the fact that the adoption of Grid Certification Authorities (CAs) has partially solved the problem of identification and authentication between the involved parties, and that Public Key Infrastructure (PKI) technologies are mature enough, we cannot make the same assumptions when untrusted domains are involved. In this paper we propose an architecture to face the problem of secure interoperability among untrusted Grid-domains. Our approach is based on building a dynamic federation of CAs, formed thorough the quantitative and automatic evaluation of their Certificate Policies. In this paper we describe the proposed architecture and its integration into Globus Toolkit 4.