A grid authentication system with revocation guarantees

Authors:
Babu Sundaram;Barbara M. Chapman
Affiliations:
Department of Computer Science, University of Houston, Houston, TX;Department of Computer Science, University of Houston, Houston, TX
Venue:
HiPC'05 Proceedings of the 12th international conference on High Performance Computing
Year:
2005

Citing 13
Cited 1

Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
A course in number theory and cryptography

A course in number theory and cryptography
A security architecture for computational grids

CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
The grid: blueprint for a new computing infrastructure

The grid: blueprint for a new computing infrastructure
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
A National-Scale Authentication Infrastructure

Computer
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Can We Eliminate Certificate Revocations Lists?

FC '98 Proceedings of the Second International Conference on Financial Cryptography
The Globus Project: A Status Report

HCW '98 Proceedings of the Seventh Heterogeneous Computing Workshop
An Online Credential Repository for the Grid: MyProxy

HPDC '01 Proceedings of the 10th IEEE International Symposium on High Performance Distributed Computing
Fine-grained control of security capabilities

ACM Transactions on Internet Technology (TOIT)
Is hierarchical public-key certification the next target for hackers?

Communications of the ACM - Interactive immersion in 3D graphics
The Anatomy of the Grid: Enabling Scalable Virtual Organizations

International Journal of High Performance Computing Applications

Privacy in mobile technology for personal healthcare

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

Credential revocation is a critical problem in grid environments and remains unaddressed in existing grid security solutions. We present a novel grid authentication system that solves the revocation problem. It guarantees instantaneous revocation of both long-term digital identities of hosts/users and short-lived identities of user proxies. With our approach, revocation information is guaranteed to be fresh with high time-granularity. Our system employs mediated RSA (mRSA), adapts Boneh’s notion of semi-trusted mediators to suit security in virtual organizations and propagates proxy revocation information as in Micali’s NOVOMODO system. Our approach’s added benefits include a configuration-free security model for end-users of the grid and fine-grained management of users’ delegation capabilities.