User-centric management of distributed credential repositories: balancing availability and vulnerability
Pages 237 - 248
Abstract
To relieve users of the burden to memorize and manage their credentials while allowing for seamless roaming between various end devices, the idea of so-called credential repositories that store credentials for users came to attention. Both the risk of the credential repository being unavailable and the risk of the credentials becoming compromised are managed by the party that hosts the credential repository and that has to be trusted by the user. Removing the need for a trust relationship to a single party implies that users have to manage the risks themselves, for instance, by splitting the credentials across multiple systems/parties. However, if the systems differ in terms of availability and vulnerability, determining a suitable splitting strategy to manage the tradeoff between credential availability and vulnerability constitutes a complex problem. In this paper we present CREDIS, an approach that supports the user in building a credential repository based on heterogeneous systems that differ in terms of vulnerability and availability. CREDIS enables users to specify requirements on the availability and the vulnerability of the distributed credential repository and determines an optimal strategy on how to split secrets across the heterogeneous systems. We prove the NP-hardness of finding an optimal strategy, introduce an approach based on Integer Linear Programming to find optimal strategies for medium sized scenarios and propose heuristics for larger ones. We show that the CREDIS approach yields a reasonably secure and available credential repository even when the distributed repository is built based on low-grade devices or systems.
References
[1]
J. H. Abawajy. An online credential management service for intergrid computing. In Proc. of the IEEE Asia-Pacific Services Computing Conf. (APSCC), pages 101--106, 2008.
[2]
L. Atzori, A. Iera, and G. Morabito. The internet of things: A survey. Computer Networks, 54(15):2787--2805, Oct. 2010.
[3]
A. Bagherzandi, S. Jarecki, N. Saxena, and Y. Lu. Password-protected secret sharing. In Proc. of the 18th ACM Conf. on Computer and Communications Security (CCS), pages 433--444, 2011.
[4]
J. Basney, M. Humphrey, and V. Welch. The myproxy online credential repository. Software: Practice and Experience, 35(9):801--816, July 2005.
[5]
J. Basney, W. Yurcik, R. Bonilla, and A. Slagell. Credential wallets: A classification of credential repositories highlighting myproxy. In Proc. of the 31st Research Conf. on Communication, Information and Internet Policy (TPRC), 2003.
[6]
X. Boyen. Hidden credential retrieval from a reusable password. In Proc. of the 4th Int. Symp. on Information, Computer, and Communications Security (ASIACCS), pages 228--238, 2009.
[7]
L. L. Burch, D. G. Earl, and S. R. Carter. Techniques for establishing and managing a distributed credential store. Patent EP1560100, August 2005.
[8]
D. E. Denning and D. K. Branstad. A taxonomy for key escrow encryption systems. Communications of the ACM, 39(3):34--40, Mar. 1996.
[9]
W. Ford and J. Kaliski, B.S. Server-assisted generation of a strong secret from a password. In Proc. of the 9th IEEE Int. Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE), pages 176--180, 2000.
[10]
S. Gupta. Security characteristics of cryptographic mobility solutions. In Proc. of the Annual PKI Research Workshop, pages 117--126, 2002.
[11]
D. Gustafson, M. Just, and M. Nystrom. Securely available credentials (SACRED) - credential server framework - RfC 3760, 2004.
[12]
D. Huynh, M. Robshaw, A. Juels, and B. Kaliski. Password synchronization. Patent US6240184, May 2001.
[13]
D. P. Jablon. Password authentication using multiple servers. In Proc. of the Conf. on Topics in Cryptology: The Cryptographer's Track at RSA (CT-RSA), pages 344--360, 2001.
[14]
K. Jünemann, J. Köhler, and H. Hartenstein. Data outsourcing simplified: Generating data connectors from confidentiality and access policies. In Proc. of the Workshop on Data-intensive Process Management in Large-Scale Sensor Systems (CCGrid-DPMSS), pages 923--930, 2012.
[15]
J. Kim, H. Kwon, H. Park, S. Kim, and D. Won. An improvement of VeriSign's key roaming service protocol. In Proc. of the Int. Conf. on Web engineering (ICWE), pages 281--288, 2003.
[16]
T. Kwon. Virtual software tokens - a practical way to secure PKI roaming. In Proc. of the Int. Conf. on Infrastructure Security (InfraSec), pages 288--302, 2002.
[17]
J. Köhler and H. Hartenstein. Occasio: an operable concept for confidential and secure identity outsourcing. In Proc. of the IFIP/IEEE Int. Symp. on Integrated Network Management (IM), 2013.
[18]
J. Köhler, S. Labitzke, M. Simon, M. Nussbaumer, and H. Hartenstein. Facius: An easy-to-deploy saml-based approach to federate non web-based services. In Proc. of the 11th IEEE Int. Conf. on Trust, Security and Privacy in Computing and Communications (TrustCom), 2012.
[19]
F. Larumbe and B. Sansò. Optimal location of data centers and software components in cloud computing network design. In Proc. of the 12th IEEE/ACM Int. Symp. on Cluster, Cloud and Grid Computing (CCGrid), pages 841--844, 2012.
[20]
N. Leavitt. Internet security under attack: The undermining of digital certificates. Computer, 44(12):17--20, Dec. 2011.
[21]
M. Lorch, J. Basney, and D. Kafura. A hardware-secured credential repository for grid PKIs. In Proc. of the 4th IEEE/ACM Int. Symp. on Cluster, Cloud and Grid Computing (CCGrid), pages 640--647, 2004.
[22]
P. D. MacKenzie and M. K. Reiter. Networked cryptographic devices resilient to capture. In Proc. of the IEEE Symp. on Security and Privacy (SP), 2001.
[23]
P. D. MacKenzie, T. Shrimpton, and M. Jakobsson. Threshold password-authenticated key exchange. In Proc. of the 22nd Int. Cryptology Conf. on Advances in Cryptology (CRYPTO), pages 385--400, 2002.
[24]
J. P. McGregor and R. B. Lee. Protecting cryptographic keys and computations via virtual secure coprocessing. In Proc. of the Workshop on Architectural Support for Security and Anti-virus (WASSA), pages 11--21, 2004.
[25]
J. Novotny, S. Tuecke, and V. Welch. An online credential repository for the grid: Myproxy. In Proc. of the 10th IEEE Int. Symp. on High Performance Distributed Computing (HPDC), pages 104--111, 2001.
[26]
D. A. Patterson, G. Gibson, and R. H. Katz. A case for redundant arrays of inexpensive disks (RAID). In Proc. of the ACM Int. Conf. on Management of Data (SIGMOD), pages 109--116, 1988.
[27]
T. R. Pesola. System and method for automatic synchronization of managed data. Patent US 2003/0125057 A1, Dec 2001.
[28]
R. Sandhu, M. Bellare, and R. Ganesan. Password-enabled PKI: Virtual smartcards versus virtual soft tokens. In Proc. of the Annual PKI Research Workshop, 2002.
[29]
T. Ylonen and C. Lonvick. The secure shell (SSH) authentication protocol - RfC 4252, 2006.
Index Terms
- User-centric management of distributed credential repositories: balancing availability and vulnerability
Recommendations
An Online Credential Management Service for InterGrid Computing
APSCC '08: Proceedings of the 2008 IEEE Asia-Pacific Services Computing ConferenceGrid users and their jobs need credentials to access grid resources and services. It is important to minimize the exposure of credentials to adversaries. A practical solution is needed that works with existing software and is easy to deploy, administer, ...
Credential life cycle management in open credential platforms (short paper)
STC '11: Proceedings of the sixth ACM workshop on Scalable trusted computingHardware-based trusted execution environments (TEEs) allow remote provisioning of secure credentials. In a closed credential platform installation of credentials to a TEE is controlled by a centralized authority. Due to the central control point ...
Distributed credential chain discovery in trust management
We introduce a simple Role-based Trust-management language RT0 and a set-theoretic semantics for it. We also introduce credential graphs as a searchable representation of credentials in RT0 and prove that reachability in credential graphs is sound and ...
Comments
Information & Contributors
Information
Published In
June 2013
278 pages
ISBN:9781450319508
DOI:10.1145/2462410
- General Chair:
- Mauro Conti,
- Program Chairs:
- Jaideep Vaidya,
- Andreas Schaad
Copyright © 2013 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 12 June 2013
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
SACMAT '13
Sponsor:
SACMAT '13: 18th ACM Symposium on Access Control Models and Technologies
June 12 - 14, 2013
Amsterdam, The Netherlands
Acceptance Rates
SACMAT '13 Paper Acceptance Rate 19 of 62 submissions, 31%;
Overall Acceptance Rate 177 of 597 submissions, 30%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 179Total Downloads
- Downloads (Last 12 months)6
- Downloads (Last 6 weeks)0
Reflects downloads up to 08 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in