CredEx: User-centric credential management for grid and Web services

David Del Vecchio, Marty Humphrey, Jim Basney, Nataraj Nagaratnam

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

User authentication is a crucial security component for most computing systems. But since the security needs of different systems vary widely, authentication mechanisms are similarly diverse. In particular, independently-managed Web and Grid Services vary with regard to the type of security token (credential) used to prove user identity (username/password, X.509 signing, Kerberos, etc.). Forcing users to manage and present credentials manually for each service is tedious, error-prone and potentially insecure. In contrast, we present CredEx, an open-source, standards-based Web Service that facilitates the secure storage of credentials and enables the dynamic exchange of different credential types using the WS-Trust token exchange protocol. With CredEx, a user can achieve single sign-on by acquiring a single (default) credential then dynamically exchanging that credential as needed for services that authenticate a different way. We describe the design and implementation of CredEx by focusing on its use in bridging password-based Web Services and PKI-based Grid Services, illustrating how interoperability between these realms can be based upon the WS-Security and WS-Trust specifications.

Original languageEnglish (US)
Title of host publicationProceedings - 2005 IEEE International Conference on Web Services, ICWS 2005
Pages149-158
Number of pages10
DOIs
StatePublished - Dec 1 2005
Event2005 IEEE International Conference on Web Services, ICWS 2005 - Orlando, FL, United States
Duration: Jul 11 2005Jul 15 2005

Publication series

NameProceedings - 2005 IEEE International Conference on Web Services, ICWS 2005
Volume2005

Other

Other2005 IEEE International Conference on Web Services, ICWS 2005
CountryUnited States
CityOrlando, FL
Period7/11/057/15/05

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint Dive into the research topics of 'CredEx: User-centric credential management for grid and Web services'. Together they form a unique fingerprint.

Cite this