ABSTRACT
To relieve users of the burden of memorizing and managing their credentials while allowing for seamless roaming between various end devices, the idea of so-called credential repositories that store credentials for users has attracted attention. Both the risk of the credential repository being unavailable and the risk of the credentials becoming compromised are managed by the party that hosts the credential repository and that has to be trusted by the user. Removing the need for a trust relationship with a single party implies that users have to manage the risks themselves, for instance, by splitting the credentials across multiple systems/parties. However, if the systems differ in terms of availability and vulnerability, determining a suitable splitting strategy to manage the tradeoff between credential availability and vulnerability constitutes a complex problem. In this paper we present CREDIS, an approach that supports the user in building a credential repository based on heterogeneous systems that differ in terms of vulnerability and availability. CREDIS enables users to specify requirements on the availability and the vulnerability of the distributed credential repository and determines an optimal strategy for splitting secrets across the heterogeneous systems. We prove the NP-hardness of finding an optimal strategy, introduce an approach based on Integer Linear Programming to find optimal strategies for medium-sized scenarios, and propose heuristics for larger ones. We show that the CREDIS approach yields a reasonably secure and available credential repository even when the distributed repository is built based on low-grade devices or systems.
Index Terms
- User-centric management of distributed credential repositories: balancing availability and vulnerability