International Grid CA Interworking, Peer Review and Policy Management Through the European DataGrid Certification Authority Coordination Group

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNISA, volume 3470)

Abstract

The Certification Authority Coordination Group in the European DataGrid project has created a large-scale Public Key Infrastructure and the policies and procedures to operate it successfully. The infrastructure demonstrates interoperability of multiple certification authorities (CAs) in a novel system of peer-assessment of the roots of trust. Crucial to the assessment is the definition of minimum requirements that all CAs must meet in order to be accepted. The evaluation is aided by software-generated trust matrices. Related work building on this infrastructure is described. The group’s policies and experience now form the basis of the new European Policy Management Authority for Grid Authentication in e-Science.

Keywords

  • Smart Card
  • Peer Review
  • Grid Project
  • Registration Authority
  • Grid Security Infrastructure

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

  • Chapter length: 11 pages


Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Astalos, J. et al. (2005). International Grid CA Interworking, Peer Review and Policy Management Through the European DataGrid Certification Authority Coordination Group. In: Sloot, P.M.A., Hoekstra, A.G., Priol, T., Reinefeld, A., Bubak, M. (eds) Advances in Grid Computing - EGC 2005. EGC 2005. Lecture Notes in Computer Science, vol 3470. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11508380_30

  • DOI: https://doi.org/10.1007/11508380_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26918-2

  • Online ISBN: 978-3-540-32036-4

  • eBook Packages: Computer Science, Computer Science (R0)