TY - GEN

T1 - A concept for Grid credential lifecycle management and heuristic credential abuse detection

AU - Kunz, Christopher

AU - Wiebelitz, Jan

AU - Piger, Stefan

AU - Grimm, Christian

PY - 2009

Y1 - 2009

N2 - In modern Grids, authentication is usually implemented via an X.509 PKI (Public Key Infrastructure). Proxy certificates are employed to facilitate interaction with the Grid, especially for purposes of delegation and single sign-on. We propose modifications to the Grid Security Infrastructure that allow reporting of proxy usage information to a database, giving the end user an opportunity to review by whom and for which purpose his credentials were used. By means of a standardized protocol for certificate revocation, they can then revoke affected proxies and stop abuse.

AB - In modern Grids, authentication is usually implemented via an X.509 PKI (Public Key Infrastructure). Proxy certificates are employed to facilitate interaction with the Grid, especially for purposes of delegation and single sign-on. We propose modifications to the Grid Security Infrastructure that allow reporting of proxy usage information to a database, giving the end user an opportunity to review by whom and for which purpose his credentials were used. By means of a standardized protocol for certificate revocation, they can then revoke affected proxies and stop abuse.

UR - http://www.scopus.com/inward/record.url?scp=74349108990&partnerID=8YFLogxK

U2 - 10.1109/ISPDC.2009.28

DO - 10.1109/ISPDC.2009.28

M3 - Conference contribution

AN - SCOPUS:74349108990

SN - 9780769536804

T3 - 8th International Symposium on Parallel and Distributed Computing, ISPDC 2009

SP - 245

EP - 248

BT - 8th International Symposium on Parallel and Distributed Computing, ISPDC 2009

T2 - 8th International Symposium on Parallel and Distributed Computing, ISPDC 2009

Y2 - 30 June 2009 through 4 July 2009

ER -