Title :
Research on an extended OCSP protocol for grid
Author :
Zhang, Shaomin ; Wang, Baoyi
Author_Institution :
Sch. of Comput., North China Electr. Power Univ., Baoding
Abstract :
Public Key Infrastructures (PKI), as a part of Grid Security Infrastructures (GSI), offers authentication service for Grid entities. In CA inter-operation, aiming at the shortcoming of the existed online certificate status protocol (OCSP) which can only get the certificationpsilas status information whether the certification is revoked, this paper proposes an extended OCSP protocol that can provide trusted status information of certificate to benefit the certificate validation efficiently. A grid environment is built to verify the feasibility and the efficiency of the extended OCSP protocol. The paper deals with the running requirement and the data description of the client and each extended OCSP responder in detail. It describes the processing algorithm of each responder. In order to improve the efficiency of the system, the path length constraint and time constraint of request transmitting are designed specially. Theory and experiments all prove that the extended OCSP system improves the efficiency of certificate verification effectively.
Keywords :
Internet; certification; grid computing; message authentication; public key cryptography; transport protocols; CA inter-operation; OCSP protocol; authentication service; grid security infrastructure; online certificate status protocol; public key infrastructure; Authentication; Automation; Certification; Computer security; Content addressable storage; Grid computing; Intelligent control; Power systems; Protocols; Public key; Grid; OCSP; PKI; cross-certification;
Conference_Titel :
Intelligent Control and Automation, 2008. WCICA 2008. 7th World Congress on
Conference_Location :
Chongqing
Print_ISBN :
978-1-4244-2113-8
Electronic_ISBN :
978-1-4244-2114-5
DOI :
10.1109/WCICA.2008.4593817
