A Mediated RSA-based End Entity Certificates Revocation Mechanism with Secure Concerned in Grid
Authors
Abstract
The End Entity Certificates (EECs) revocation mechanism in Grid Security Infrastructure (GSI) currently adopts the Certificate Revocation List (CRL). However, CRL is an inefficient mechanism with the drawbacks of the “time granularity problem” and unmanageable sizes. This paper presents a new EECs revocation mechanism, MEECRM (Mediated RSA-based End Entity Certificates Revocation Mechanism), to eliminate the “key escrow” problem. MEECRM combines with MyProxy, the online credential repository in the Globus Toolkit (GT). Some schemes, such as HMAC, multi-SEM support and PVSS, have been introduced into MEECRM to increase security and efficiency. MEECRM can ensure instantaneous revocation of invalid EECs in grid environments and can be used in many large-scale grid projects because it inherits from MyProxy. Analyses also prove that MEECRM is secure.
Similar resources
Identity-Based Mediated RSA
Identity-based encryption (IBE) [5] and digital signatures are important tools in modern secure communication. In general, identity-based cryptographic methods facilitate easy introduction of public key cryptography by allowing an entity’s public key to be derived from some arbitrary identification value such as an email address or a phone number. Identity-based cryptography greatly reduces the...
Simple Identity-Based Cryptography with Mediated RSA
Identity-based public key encryption facilitates easy introduction of public key cryptography by allowing an entity’s public key to be derived from an arbitrary identification value, such as name or email address. The main practical benefit of identity-based cryptography is in greatly reducing the need for, and reliance on, public key certificates. Although some interesting identity-based techn...
DoS-Resistant Attribute-Based Encryption in Mobile Cloud Computing with Revocation
Security and privacy are very important challenges for outsourced private data over cloud storages. By taking Attribute-Based Encryption (ABE) for Access Control (AC) purpose we use fine-grained AC over cloud storage. In this paper, we extend previous Ciphertext Policy ABE (CP-ABE) schemes especially for mobile and resource-constrained devices in a cloud computing environment in two aspects, a ...
A Grid Authentication System with Revocation Guarantees
Credential revocation is a critical problem in grid environments and remains unaddressed in existing grid security solutions. We present a novel grid authentication system that solves the revocation problem. It guarantees instantaneous revocation of both long-term digital identities of hosts/users and short-lived identities of user proxies. With our approach, revocation information is guarantee...
An Effective Method to Implement Group Signature with Revocation
This paper presents an effective method to integrate the revocation mechanism into some group signature schemes that are based on the strong RSA assumption. The mechanism enables the group manager to either update a group member’s certificates, or revoke a group member. More specifically, a generic method has been proposed for the protocols of sign, verify, and revocation. We demonstrate the ef...
Journal title:
- IJIPM
Volume 1, Issue
Pages -
Publication date 2010