10-13 September 2007; T. Kirkham, D. Lutz, J. Movilla, P. Mandic, J. Gallop, C. Morariu
Abstract:
The creation of a secure architecture for a Mobile Grid environment is presented in this paper using conceptual security domains and PKI infrastructure within the context of the Akogrimo EU project. Identity stems from the network domain for mobile services and interacts with the core Grid infrastructure specific services managing the Mobile Dynamic Virtual Organisations (MDVO). A model is presented in this paper where identity sprouts up from the network and policy cascades down from the VO, backed up by SLA (service level agreement) and monitoring services. This paper presents an overview of this infrastructure, how it is applied in current prototypes, the certificate involved and its significance for future development of security in the mobile Grid.
References:
1. R. Housley, W. Ford, W. Polk and D.Solo “Internet X.509 Public Key Infrastructure Certificate and CRL Profile”. IETF RFC2459, January 1999.
2. IETF page Public Key Infrastructure x509. http://www.ietf.org/html.charters/pkixcharter.html
3. Federated Identification Management and the Liberty Alliance http://www.projectliberty.org/
4. Henri Mikkonen, Mika Silander, “Federated Identity Management for Grids”, icns, p.69, International conference on Networking and Services (ICNS’06), 2006
5. Shibboleth project ref http://shibboleth.internet2.edu/
6. Kpatcha Bayarou , Matthias Enzmann, Elli Giessler, Michael Haisch, Brian Hunter, Mohammad Ilyas, Sebastian Rohr and Markus Schneider. “Towards Certificate-Based Authentication for Future Mobile Communications” Journa Of lWireless Personal Communications
7. Jabeom Gu, Sehyun Park, Ohyoung Song, Jaeil Lee, Jaehoon Nah, Sungwon Sohn “Mobile PKI: A PKI-Based Authentication Framework for the Next Generation Mobile Communications”, ISSN 0302-9743 , vol. 2727/2003, p.180-191.
8. PERMIS Reference http://sec.cs.kent.ac.uk/permis/
9. OASIS SAML webpage http://www.oasisopen.org/committees/security/
10. D. Forsberg, Y. Ohba, B. Patil, H. Tschofenig, and A. Yegin. Protocol for carrying authentication for network access (PANA). Internet Draft (work in progress), Internet Engineering Task Force, July 2003.
11. B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, and H. Levkowetz. Extensible Authentication Protocol (EAP). Technical report, IETF, June 2004
12. P. Calhoun, J. Arrko, E. Guttman, G. Zorn, and J. Loughney. Diameter Base Protocol. Technical report, IETF, September 2003
13. PERMIS Reference http://sec.cs.kent.ac.uk/permis/
14. OASIS SAML webpage http://www.oasisopen.org/committees/security/
15. D. Forsberg, Y. Ohba, B. Patil, H. Tschofenig, and A. Yegin. Protocol for carrying authentication for network access (PANA). Internet Draft (work in progress), Internet Engineering Task Force, July 2003.
16. B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, and H. Levkowetz. Extensible Authentication Protocol (EAP). Technical report, IETF, June 2004
17. P. Calhoun, J. Arrko, E. Guttman, G. Zorn, and J. Loughney. Diameter Base Protocol. Technical report, IETF, September 2003
Source:
Proceedings of the UK e-Science All Hands Meeting 2007, ISBN 978-0-9553988-3-4, pages 636-642
URL:
full text (foreign link)
|