Correcting a Delegation Protocol for Grids

نویسنده

  • Benjamin Aziz
چکیده

Delegation is one important aspect of large-scale distributed systems where many processes and operations run on behalf of system users and clients in order to achieve highly computational and resource intensive tasks. As such, delegation is often synonymous with the concept of trust, in that the delegator would expect some degree of reliability regarding the delegatee’s ability and predictability to perform the delegated task. The delegation protocol itself is expected to maintain certain basic properties, such as integrity, traceability, accountability and the ability to determine delegation chains. In this paper, we give an overview of the vulnerabilities that one such delegation protocol exhibits, namely DToken, a lightweight protocol for Grid systems, as interesting examples of design mistakes. We also propose an alternative protocol, DToken II, which fixes such vulnerabilities.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Using Trust for Restricted Delegation in Grid Environments

Delegation is an important tool for authorization in large distributed environments. However, current delegation mechanisms used in emerging Grids have problems to allow for flexible and secure delegation. This paper presents a framework to realize restricted delegation using a specific attribute certificate with trust value in grid environments. The framework employs attribute certificates to ...

متن کامل

RB-GDM: A Role-Based Grid Delegation Model

Grid delegation is the procedure by which a valid user endows another user or a program or service with the ability to act on that user’s behalf. Delegation is the primary form of authorization in grids. The large and geographically distributed, dynamic, heterogeneous and scalable grid environment poses unique delegation requirements. Presently there are no standard mechanisms to guide grid del...

متن کامل

On-demand Restricted Delegation : A Framework for Dynamic, Context-Aware, Least-Privilege Delegation in Grids

In grids, delegation is a key facility that can be used to authenticate and authorize requests on behalf of disconnected users. In current grid systems, delegation is either performed dynamically, in an unrestricted manner, or by a secure but static method. Unfortunately, the former compromises security and the latter cannot satisfy the requirements of dynamic grid application execution. Theref...

متن کامل

Toward Realizable Restricted Delegation in Computational Grids1

In a Computational Grid, or Grid, a user often requires a service to perform an action on his behalf. Currently, the user has few options but to grant the service the ability to wholly impersonate him, which opens the user to seemingly unbounded potential for security breaches if the service is malicious or errorful. To address this problem, eight approaches are explored for realizable, practic...

متن کامل

Batch Pairing Delegation

Abstract. Pairing-based cryptography (PBC) has enabled the construction of many cryptographic protocols. However, there are scenarios when PBC is too heavyweight to use, such as when the computing devices are resource-constrained. Pairing delegation introduced in [19] provides a solution by offloading the computation to more powerful entities. In this paper, we introduce the concept of, and con...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2011