An Online Credential Repository for the Grid: MyProxy

نویسندگان

  • Jason Novotny
  • Steven Tuecke
  • Von Welch
چکیده

Grid Portals, based on standard Web technologies, are increasingly used to provide user interfaces for Computational and Data Grids. However, such Grid Portals do not integrate cleanly with existing Grid security systems such as the Grid Security Infrastructure (GSI), due to lack of delegation capabilities in Web security mechanisms. We solve this problem using an online credentials repository system, called MyProxy. MyProxy allows Grid Portals to use the GSI to interact with Grid resources in a standard, secure manner. We examine the requirements of Grid Portals, give an overview of the GSI, and demonstrate how MyProxy enables them to function together. The architecture and security of the MyProxy system are described in detail.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The MyProxy online credential repository

The MyProxy online credential repository has been used by the grid computing community for over four years for managing security credentials in the grid public key infrastructure. MyProxy improves usability by giving users access to their credentials over the network using password authentication, allowing users to delegate their credentials via web browser interfaces to the grid, and supportin...

متن کامل

Credential Wallets: A Classification of Credential Repositories Highlighting MyProxy

In recent years, individuals have experienced an increased requirement for digitally identifying themselves, in both their work and personal lives. People typically have multiple credentials for digitally identifying themselves to different online software or services in different roles (for example, different credentials for work and home). We are looking for technology that allows users to ma...

متن کامل

A Mediated RSA-based End Entity Certificates Revocation Mechanism with Secure Concerned in Grid

The End Entity Certificates (EECs) revocation mechanism in Grid Security Infrastructure (GSI) adopts Certificate Revocation List (CRL) currently. However, CRL is an inefficient mechanism with drawbacks of “time granularity problem” and unmanageable sizes. This paper presents a new EECs revocation mechanism MEECRM (Mediated RSA-based End Entity Certificates Revocation Mechanism) to eliminate “ke...

متن کامل

Which Certificate Authority Should LIGO Use?

LIGO wishes to remove the burden from users of requesting, retrieving, and managing X.509 digital certificates and the associated private keys. A new authentication and authorization infrastructure design includes deploying MyProxy servers at all LIGO computing sites, and storing X.509 certificates and private keys in the MyProxy repositories. Rather than generating a proxy certificate using a ...

متن کامل

Simplifying Public Key Credential Management Through Online Certificate Authorities and PAM

The secure management of X509 certificates in heterogeneous computing environments has proven to be problematic for users and administrators working with Grid deployments. We present an architecture based on short lived X509 credentials issued by a MyProxy server functioning as an Online Certificate Authority, on the basis of initial user authentication via PAM (Pluggable Authentication Modules...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2001