Title :
Audited credential delegation: A sensible approach to grid authentication
Author :
Beckles, Bruce ; Haidar, Ali N. ; Zasada, Stefan ; Coveney, P.V.
Author_Institution :
Univ. of Cambridge Comput. Service, Cambridge, UK
Abstract :
If the authentication process in a computational grid environment is difficult for end-users, they will either be unable to use the system at all, or, in their attempts to circumvent the aspects of the authentication process which they find ¿difficult¿, they will probably increase the likelihood of a security compromise of the system. In this paper we examine a proposed authentication architecture, audited credential delegation (ACD), that uses the familiar username/password paradigm to improve the usability (and so the security) of the authentication process in these environments. We report on a usability trial of this architecture in which it is compared to the traditional PKI-based authentication used in many existing computational grid environments. We also discuss how this architecture suggests that computational grid resource providers (and potentially the Certificate Authorities accepted by these providers) need to rethink their ¿one digital certificate = one user¿ security model.
Keywords :
public key cryptography; PKI based authentication; audited credential delegation; authentication architecture; computational grid environment; grid authentication sensible approach; password paradigm; username paradigm; Authentication; Computer architecture; Conferences; Distributed computing; Grid computing; Investments; Protection; Public key; Security; Usability;
Conference_Titel :
E-Science Workshops, 2009 5th IEEE International Conference on
Conference_Location :
Oxford
Print_ISBN :
978-1-4244-5946-9
DOI :
10.1109/ESCIW.2009.5407980
