Presentation is loading. Please wait.

Presentation is loading. Please wait.

Password? CLASP Phase 2: Revised Proposal FOCUS, 3 May 2001 Denise Heagerty, IT/IS.

Published byGrant Harris Modified over 8 years ago

Similar presentations

Presentation on theme: "Password? CLASP Phase 2: Revised Proposal FOCUS, 3 May 2001 Denise Heagerty, IT/IS."— Presentation transcript:

1 Password? CLASP Phase 2: Revised Proposal FOCUS, 3 May 2001 Denise Heagerty, IT/IS

2 Outline  CLASP Project Goal  CLASP Project Status  Recommendations based on test results and implementation issues  Revised CLASP Phase 2 Proposal

3  Propose a detailed plan to reduce the number of login/passwords entered by users to access services they are authorised to use CLASP Project Goal “Single Sign On” Access Control +

4 CLASP Project Status  Service Survey and Feasibility Study results documented at http://cern.ch/proj-clasp recommended Kerberos v5 as the base authentication technology  Test environment implemented Kerberos v5 authentication server with support for AFS and Grid Certificates login authentication for Linux, W2000 and Grid clients  Implementation issues identified no commercial support available - niche solution functionality concerns for W2000 clients future of AFS is being investigated

5 Recommendations  Keep existing authentication services not a good time for changes to Windows 2000 nor AFS  Continue to track authentication technology Kerberos, Certificates, smart cards,...  Revisit options when AFS future is clarified Windows 2000 can provide Linux authentication  Provide an alternative way to achieve CLASP project goal in the short term revised CLASP Phase 2 proposal

6 Revised CLASP Phase 2 Proposal  Design and pilot a password synchronisation tool includes at least Windows, AFS, Mail, AIS passwords synchronisation will be optional - not forced security review and password check & change policy use experience at CERN (NICE) and within HEPiX (JLAB)  Recommend off-site access mechanisms including CERN and non-CERN portables  Design and pilot a tool for common access control of web pages and files (“e-groups”) based on CERN databases & existing listbox mechanism needs to map people to accounts

7 Feedback from Desktop Forum Meeting of 28 March 2001  Password synchronisation tool limited interest - do not invest resources does not achieve the goal of less passwords  Off-site access mechanisms support for easier off-site access and clearly documented recommendations  “E-groups” for web and file access support to implement a pilot tool to generate groups for use in access control lists collaborate with related work in AS and EST divisions

8 Password? http://cern.ch/proj-clasp CLASP studies have been made in collaboration with many colleagues both inside and outside IT Division - Thanks!

Download ppt "Password? CLASP Phase 2: Revised Proposal FOCUS, 3 May 2001 Denise Heagerty, IT/IS."

Similar presentations

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.
Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
CERN, Information Technology Department

CERN, Information Technology Department
Why Web services should care about grid security Taavi Hupponen, CSC.

Why Web services should care about grid security Taavi Hupponen, CSC.
User Registration. Click on ‘Sign Up’ button. Enter Registration details and click on submit button.

User Registration. Click on ‘Sign Up’ button. Enter Registration details and click on submit button.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
ONLINE DATA UPLOAD INSTRUCTION

ONLINE DATA UPLOAD INSTRUCTION
Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.

Password? CLASP Project Update C5 Meeting, 16 June 2000 Denise Heagerty, IT/IS.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Www.hksyu.edu 1 “ Introduction to … ” www.hksyu.edu.

1 “ Introduction to … ”
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3

1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3
Password? CLASP Phase 2: Revised Proposal C5 Meeting, 16 February 2001 Denise Heagerty, IT/IS.

Password? CLASP Phase 2: Revised Proposal C5 Meeting, 16 February 2001 Denise Heagerty, IT/IS.
Secure Off Site Backup at CERN Katrine Aam Svendsen.

Secure Off Site Backup at CERN Katrine Aam Svendsen.
Collaborative tools in NICE Alex Lossent - CERN IT/IS Hepix Fall 2005.

Collaborative tools in NICE Alex Lossent - CERN IT/IS Hepix Fall 2005.
Compe 341 Oracle Installation Procedure. Oracle From Click.

Compe 341 Oracle Installation Procedure. Oracle From Click.
Web hosting services at CERN Alex Lossent – CERN IT/IS Hepix Fall 2005.

Web hosting services at CERN Alex Lossent – CERN IT/IS Hepix Fall 2005.
Tour Estimation & Billing System .

Tour Estimation & Billing System .

Similar presentations

Ads by Google