Policy-Directed Data Movement in Grids
ICPADS '06 Proceedings of the 12th International Conference on Parallel and Distributed Systems - Volume 1
Toward Seamless Grid Data Access: Design and Implementation of GridFTP on .NET
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
A Model for Authentication Credentials Translation in Service Oriented Architecture
Transactions on Computational Science IV
Reputation and policy-based three-tier grid architecture with genuine feedbacks
International Journal of Autonomous and Adaptive Communications Systems
Credential Management Enforcement and Secure Data Storage in gLite
International Journal of Distributed Systems and Technologies
| Hi-index | 0.00 |
User authentication is a crucial security component for most computingsystems. But since the security needs of different systems vary widely,authentication mechanisms are similarly diverse. In particular,independently managed Web and Grid Services vary with regardto the type of security token (credential) used to prove user identity(username/password, X.509 signing, Kerberos, etc.). Forcing usersto manage and present credentials manually for each service istedious, error-prone and potentially insecure. In contrast, we presentCredEx, an open-source, standards-based Web Service that facilitates the secure storage of credentials and enables the dynamic exchangeof different credential types using the WS-Trust token exchangeprotocol. With CredEx, a user can achieve single sign-on by acquiringa single (default) credential then dynamically exchanging that credentialas needed for services that authenticate a different way. We describethe design and implementation of CredEx by focusing on its use inbridging password-based Web Services and PKI-based Grid Services,illustrating how interoperability between these realms can be basedupon the WS-Security and WS-Trust specifications.