Experience with Pki in a Large-scale Distributed Environment
نویسندگان
چکیده
PKI shows some weaknesses when used in real deployment, such as problems with securing the private key, combination of PKI with other authentication systems, availability of revocation information, user-friendliness of PKI system and relationship with federation systems. In this paper we present solutions that were used during PKI deployment in a grid distributed environment.
منابع مشابه
Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation
The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and co...
متن کاملSecuring the Networked e-Business Throughout an Internet Distributed Organization
This paper explores an Internet-based VPN solution, built upon IPSec, which combines tunneling with PKI authentication and encryption. To protect the valuable company resources, an efficient intrusion/misuse detection and response system was incorporated into deployed security solution. This approach enabled a large-scale customer provide their global e-business safely. As a result, an integrat...
متن کاملPKI based Access Control with Attribute Certificates for Data held on Smartcards
Common smartcard systems are not capable of providing effective Data Access Control in distributed IT-infrastructures with high configuration dynamics. The crucial points of that approach are resource consumption and inflexibility. The storage capacity of actual smartcards is clearly insufficient to store large certificate databases required by distributed services and applications. The exchang...
متن کاملPublic Key Infrastructure Security and Interoperability Testing and Evaluation
Public Key Infrastructures (PKIs) are currently being deployed in increasing sizes, numbers, fast changing technologies, and varying environments but our operational experience to date has been limited to a relatively small scale and small number of environments. Consequently, some open technical and environmental interoperability problems about the ways in which PKIs will be organized and oper...
متن کاملChord-PKI: A distributed trust infrastructure based on P2P networks
Many P2P applications require security services such as privacy, anonymity, authentication, and non-repudiation. Such services could be provided through a hierarchical Public Key Infrastructure. However, P2P networks are usually Internet-scale distributed systems comprised of nodes with undetermined trust level, thus making hierarchical solutions unrealistic. In this paper, we propose Chord-PKI...
متن کامل