Mechanisms for increasing the usability of grid security

Beckles, Bruce; Welch, Von; Basney, Jim

doi:10.1016/j.ijhcs.2005.04.017

Cited by 31 publications

(36 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…UserID (credential delegation occurs here), in the credential repository. ACD sends the randomly generated username/password pair needed to access MyProxy to the AHE server to download the session proxy (8) and (9). Finally, the AHE server sends the request to the grid resource site along with the proxy.…”

Section: Ahe With Acd: Usable and Secure Access To Grid Resourcesmentioning

confidence: 99%

“…This is not the case in any other established grid environment. We have integrated our work with an environment which allows the user to actually run applications on the grid (namely the AHE); ACD is not simply a security layer, as in MyProxy, Kerberos, Active Directory, Shibboleth or Fermilab's security mechanisms [9]. These security components only address authentication issues whereas ACD addresses authorization and accountability as well.…”

Section: Related Workmentioning

confidence: 99%

“…ACD is more than simply a security layer. Existing solutions such as MyProxy, Shibboleth and SARoNGS only provide credential repositories to store short-lived X.509 certificates (Myproxy), web-based single sign-on (Shibboleth), and web portals to access grid resources using a combination of Shibboleth and VOMS (SARoNGS) [9,13]. None of these solutions provides a holistic VO-controlled security solution in the way ACD does.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Audited credential delegation: a usable security solution for the virtual physiological human toolkit

et al. 2011

Self Cite

View full text Add to dashboard Cite

We present applications of audited credential delegation (ACD), a usable security solution for authentication, authorization and auditing in distributed virtual physiological human (VPH) project environments that removes the use of digital certificates from end-users' experience. Current security solutions are based on public key infrastructure (PKI). While PKI offers strong security for VPH projects, it suffers from serious usability shortcomings in terms of end-user acquisition and management of credentials which deter scientists from exploiting distributed VPH environments. By contrast, ACD supports the use of local credentials. Currently, a local ACD username -password combination can be used to access grid-based resources while Shibboleth support is underway. Moreover, ACD provides seamless and secure access to shared patient data, tools and infrastructure, thus supporting the provision of personalized medicine for patients, scientists and clinicians participating in e-health projects from a local to the widest international scale.

show abstract

Section: Ahe With Acd: Usable and Secure Access To Grid Resourcesmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Audited credential delegation: a usable security solution for the virtual physiological human toolkit

et al. 2011

Self Cite

View full text Add to dashboard Cite

show abstract

“…In the UK National Grid Service, 1 for example, obtaining a public key certificate requires the generation of a key pair using a web browser, transmission of the public component to a CA for certification, and a face-to-face meeting with a Registration Authority (RA) to prove user identity and membership in a grid project and to provide justification for grid usage. Studies have shown that users tend to share credentials within their peer groups because of the cumbersome and time-consuming process of credential acquisition (which may take up to few weeks) [6,7]. Clearly, this increases the risk of private key exposure.…”

Section: Motivationsmentioning

confidence: 99%

“…These are roughly equivalent to verifying the validity period and enforcing policy stated in a proxy certificate in the GSI. 7 It might be thought that the need for the secure channel to transport the proxy private key fromĀ toX is a limitation of this approach. In fact, the secure channel between these two parties will exist anyway; the parties have to authenticate each other using an authenticated key agreement protocol, before the delegation can take place.…”

Section: Delegationmentioning

confidence: 99%

User-friendly and certificate-free grid security infrastructure

Crampton

Lim

Paterson

et al. 2011

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Certificate-based public key infrastructures are currently widely used in computational grids to support security services. From a user's perspective, however, certificate acquisition is time-consuming and public/private key management is non-trivial. In this paper, we propose a security infrastructure for grid applications, in which users are authenticated using passwords. Our infrastructure allows a user to perform single sign-on based only on a password, without requiring a public key infrastructure. Moreover, hosting servers in our infrastructure are not required to have public key certificates. Nevertheless, our infrastructure supports essential grid security services, such as mutual authentication and delegation, using public key cryptographic techniques without incurring significant additional overheads in comparison with existing approaches.A preliminary version of this work appeared in the

show abstract

ContextBased MicroTraining: A Framework for Information Security Training

Kävrestad¹,

Nohlberg²

2020

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

This paper address the emergent need for training measures designed to improve user behavior in regards to security. We do this by proposing a framework for information security training that has been developed for several years and over several projects. The result is the framework ContextBased MicroTraining (CBMT) which provides goals and guidelines for how to better implement information security training that supports the user in the situation where the user needs support. CBMT has been developed and tested for use in higher education as well as for the support of users during passwords creation. This paper presents version 1.0 of the framework with the latest refinements.

show abstract

Mechanisms for increasing the usability of grid security

Cited by 31 publications

References 17 publications

Audited credential delegation: a usable security solution for the virtual physiological human toolkit

Audited credential delegation: a usable security solution for the virtual physiological human toolkit

User-friendly and certificate-free grid security infrastructure

ContextBased MicroTraining: A Framework for Information Security Training

Contact Info

Product

Resources

About