By Topic

Improved Grid Security Posture through Multi-factor Authentication

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Hazlewood, V. ; Nat. Inst. for Comput. Sci., Univ. of Tennessee, Oak Ridge, TN, USA ; Kovatch, P. ; Ezell, M. ; Johnson, M.
more authors

While methods of securing communication over the Internet have changed from clear text to secure encrypted channels over the last decade, the basic username-password combination for authentication has remained the mainstay in academic research computing and grid environments. Security incidents affecting grids, such as the TeraGrid stakkato incident of 2004 and 2005, has demonstrated that the use of reusable passwords for authentication can be readily exploited and can lead to a widespread security incident across the grid [1, 2]. The University of Tennessee's National Institute for Computational Sciences (NICS) founded in 2008 has provided resources to the TeraGrid, including Kraken, a 1.17 petaflops Cray XT5, and has implemented and promoted the use of multi-factor authentication mechanisms since its founding. The benefits of use of this stronger authentication method has been higher productivity and resource availability for users due to no known user account compromises caused by stolen NICS user credentials that led to disabling accounts or system resources. NICS has been developing and experimenting with expanding our use of multi-factor authentication to the grid. NICS has integrated multi-factor authentication with our certificate authority so that users can now run my proxy and receive a multi-factor authenticated certificate. NICS is also exploring the federation of multi-factor authentication systems, with the goal of "one user, one token". This is especially important, as new grid resources, such as Blue Waters, will only allow multi-factor authentication, and we want the users to only carry one token, not many tokens. XSEDE, the TeraGrid successor, will also be deploying multi-factor authentication in addition to the other existing authentication methodologies. XSEDE will also work closely with science gateways and workflows to develop and maintain secure frameworks for the highest level of security possible.

Published in:

Grid Computing (GRID), 2011 12th IEEE/ACM International Conference on

Date of Conference:

21-23 Sept. 2011