In the last years several Grid Virtual Organizations -VOs- have been proliferating, each one usually installing its own Certification Authority and thus giving birth to a large set of different and possibly untrusted security domains. Nevertheless, despite the fact that the adoption of Grid Certification Authorities (CAs) has partially solved the problem of identification and authentication between the involved parties, and that Public Key Infrastructure (PKI) technologies are mature enough, we cannot make the same assumptions when untrusted domains are involved. In this paper we propose an architecture to face the problem of secure interoperability among untrusted Grid-domains. Our approach is based on building a dynamic federation of CAs, formed thorough the quantitative and automatic evaluation of their Certificate Policies. In this paper we describe the proposed architecture and its integration into Globus Toolkit 4. © Springer-Verlag Berlin Heidelberg 2007.
Interoperable grid PKIs among untrusted domains: An architectural proposal / Casola, V.; Luna, J.; Manso, O.; Mazzocca, N.; Medina, M.; Rak, M.. - 4459:(2007), pp. 39-51. (Intervento presentato al convegno 2nd International Conference on Grid and Pervasive Computing, GPC 2007 tenutosi a Paris, fra nel 2007) [10.1007/978-3-540-72360-8_4].
Interoperable grid PKIs among untrusted domains: An architectural proposal
Casola V.;Mazzocca N.;Rak M.
2007
Abstract
In the last years several Grid Virtual Organizations -VOs- have been proliferating, each one usually installing its own Certification Authority and thus giving birth to a large set of different and possibly untrusted security domains. Nevertheless, despite the fact that the adoption of Grid Certification Authorities (CAs) has partially solved the problem of identification and authentication between the involved parties, and that Public Key Infrastructure (PKI) technologies are mature enough, we cannot make the same assumptions when untrusted domains are involved. In this paper we propose an architecture to face the problem of secure interoperability among untrusted Grid-domains. Our approach is based on building a dynamic federation of CAs, formed thorough the quantitative and automatic evaluation of their Certificate Policies. In this paper we describe the proposed architecture and its integration into Globus Toolkit 4. © Springer-Verlag Berlin Heidelberg 2007.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
