Description:Access to PI2S2 computational Grid using smart card and X.509 certificates
Abstract:In this work we present an innovative solution for storing
and using the private key in a secure way when the UI is
installed on the user\’s machine. We have performed a new
access method for interacting with the RSA key-pair stored on
a smart card. Now, all the cryptographic operations involving
the keys can be performed in a secure way by the smart card
itself. The sign of the proxy certificate is now made by the
smart card using the user private key stored on it.
<br>Our work also explains how to improve the security mechanisms of the Grid Security Infrastructure (GSI), providing a strong security data storage to be used on top of different Grid middlewares. The proposed approach is based on XML data encapsulation to store encrypted data and metadata as well as data owners, X509v3 certificates, AES keys, size, and file format.