A hardware-secured credential repository for Grid PKIs

Author

Lorch, Markus ; Basney, Jim ; Kafura, Dennis

Author_Institution

Virginia Tech, Blacksburg, VA, USA

fYear

2004

fDate

19-22 April 2004

Firstpage

640

Lastpage

647

Abstract

Public key infrastructures suffer from usability and security problems associated with the request for and secure management of end user credentials. Online credential repositories provide mechanisms to ease these shortcomings but pose attractive targets for attacks due to the accumulation of credentials and the need for remote access to these credentials. Through the extension of an existing credential repository with a cryptographic coprocessor for secure storage of credentials an increase in the security of the service can be achieved. This higher security permits the use of online credential repositories with a wide variety of certificates without violating certification authority regulations. Also, the improved performance afforded by hardware support improves the scalability of a centralized credential storage.

Keywords

authorisation; grid computing; performance evaluation; public key cryptography; Grid PKI; centralized credential storage; certificates; cryptographic coprocessor; end user credentials; hardware support; hardware-secured credential repository; performance; public key infrastructures; scalability; Authentication; Certification; Hardware; Internet; Protection; Protocols; Public key; Secure storage; Security; Usability;

fLanguage

English

Publisher

ieee

Conference_Titel

Cluster Computing and the Grid, 2004. CCGrid 2004. IEEE International Symposium on

Print_ISBN

0-7803-8430-X

Type

conf

DOI

10.1109/CCGrid.2004.1336679

Filename

1336679