Abstract
In a grid computing environment, users often need to authorize remote computers to act under the original user's identity. Sending a credential to a remote computing environment, however, exposes the original user to the risk of information leakage and identity abuse. Existing grid security practice has few means of enforcing the security of credential delivery. Trusted Computing (TC) technology can be added to the grid computing environment to enhance grid security. Because TC provides an essential in-platform (trusted) third party, the Trusted Platform Module (TPM), we can use it to protect the user credential. In this paper we present the credential migration management (CMM) system, a part of the Daonity project, which demonstrates secure migration of credentials between different computers equipped with a TPM.
Cite this article
Jin, H., Yi, C. CMM: Credential migration management system based on trusted computing in CGSP. Front. Comput. Sc. China 1, 200–207 (2007). https://doi.org/10.1007/s11704-007-0020-5
DOI: https://doi.org/10.1007/s11704-007-0020-5