The design, development and application of a proxy credential auditing infrastructure for collaborative research
AuthorBAYLISS, CHRISTOPHER; Sinnott, Richard O.; Jie, Wei; Arshad, Junaid
Source Title5th International MCETECH Conference on eTechnologies
AffiliationEngineering - Computing and Information Systems
Document TypeConference Paper
CitationsBayliss, C., Sinnott, R. O., Jie, W. & Arshad, J. (2011). The design, development and application of a proxy credential auditing infrastructure for collaborative research. In 5th International MCETECH Conference on eTechnologies, Les Diablerets, Switzerland.
Access StatusOpen Access
This is a pre-print of a paper from the 5th International MCETECH Conference on eTechnologies 2011 published by Springer. www.springerlink.com
Single sign-on and delegation of privileges are fundamental tenets upon which e-Infrastructures and Grid-based research more generally have been based. The realisation of single sign-on and delegation of privileges in accessing resources such as the UK e-Science National Grid Service (NGS - http://www.ngs.ac.uk) and other national facilities is typically facilitated by X.509-based Public Key Infrastructures (PKI) and exploitation of proxy certificates. This model can be categorised by authentication-oriented access and usage of resources. It is the case however that proxy certificates, can potentially be obtained and abused by a malicious third party without the knowledge of the holder. There is currently no method for end users to detect such misuse. In this paper we describe a novel proxy auditing solution that addresses this issue directly. We describe the design and implementation of this solution and illustrate its application in widely distributed and heterogeneous research environments. We focus in particular on the needs and requirements of such a facility in the ESRC funded Data Management through e- Social Science (DAMES - www.dames.org.uk) project, where secure access and monitoring of social simulations and associated data sets are required by the researchers and associated data providers.
Keywordsgrid computing; grid security; user authentication; public key infrastructure; proxy certificate
- Click on "Export Reference in RIS Format" and choose "open with... Endnote".
- Click on "Export Reference in RIS Format". Login to Refworks, go to References => Import References