Presentation is loading. Please wait.

Presentation is loading. Please wait.

Princeton University The Cast Dan Oberst, Director of OIT Enterprise Services…………Big Hat: No Cattle Donna Tatro, Manager of Collaboration Services………….Makes.

Similar presentations


Presentation on theme: "Princeton University The Cast Dan Oberst, Director of OIT Enterprise Services…………Big Hat: No Cattle Donna Tatro, Manager of Collaboration Services………….Makes."— Presentation transcript:

1 Princeton University The Cast Dan Oberst, Director of OIT Enterprise Services…………Big Hat: No Cattle Donna Tatro, Manager of Collaboration Services………….Makes It Happen Bill Sproule, Lead Technical, Analyst, CSG……………………………Mr. PKI Lee Varian, OIT Systems Architect……Knows Where the Bodies are Buried Ted Bross, Manager, OIT Data Integration………………Digs up the Bodies Meghan Weeks, Library Systems Analyst ……….Unindicted Co-Conspirator CREN/Mellon PKI Meeting 12/01/2001

2 December 1, 2001Princeton University CREN/Mellon PKI Workshop Identity, Authentication, Authorization Campus Community: anyone w/univ. relationship LDAP: Faculty, Staff, Students (subset of CC)  NIS and NT derive from LDAP netid field Separate databases:  Alumni (Advance & LDAP), Library (superset of LDAP) Authentication:  NIS (deprecated), LDAP & Kerberos (direct & via PAM) NT4/AD, PeopleSoft, Oracle Attributes:  LDAP: Status (Fac/Staf/Stud/etc.); OU (Dept), HomeDept (Num.)  (Planned) Certs: DN (name & ) only Access Control: .Princeton.EDU domain, (library) Proxy, VPN, special ID/PW

3 December 1, 2001Princeton University CREN/Mellon PKI Workshop Current applications linked into database/directory/repository: Remote access  NIS (inc. AUTH SMTP)  LDAP telnet/ftp/ssh  NIS  Kerberos/LDAP via PAM NT file & print VPN  NT4  AD/Kerberos V Directory self-service update  LDAP Library proxy, web apps  cached NIS crypt files Myriad local apps:  e.g. time collection, Student Grades, resume tracking, etc. - LDAP NOT linked: Peoplesoft, Oracle, local Blackboard users

4 December 1, 2001Princeton University CREN/Mellon PKI Workshop Planned initial uses for certificates? JSTOR Boise Cascade (web ordering) Inter-office signatures/encryption WebISO authentication Administrative Application SingleSignon

5 December 1, 2001Princeton University CREN/Mellon PKI Workshop Current state of PKI deployment? Servers running in test deployment Vendor: iPlanet CMS 4.2  Registration Authority  Certificate Authority  Key Escrow Authority Hardware: Sun Solaris Considering “junk cert” OpenLDAP server  Students/Mobile/Short-lived  Anonymous Certs

6 December 1, 2001Princeton University CREN/Mellon PKI Workshop Content providers Broad range (Lexis/Nexus, Journals, Encyclopedias, etc.) Currently restricted to.Princeton.EDU  or via web proxy or VPN or special ID Difficulties using proxy and VPN:  E.g. no VPN client, setup, line speed, etc.

7 December 1, 2001Princeton University CREN/Mellon PKI Workshop Readiness to issue certificates to select group of 200 faculty/staff? (Hardware) Systems are in place  Legal framework (CPS, etc.) nearly so Need to identify candidate users Biggest effort : setting up certs  Works best for laptop users Cert mobility problem Support issues  e.g. lost cert, forgotten PW, different computer, etc.


Download ppt "Princeton University The Cast Dan Oberst, Director of OIT Enterprise Services…………Big Hat: No Cattle Donna Tatro, Manager of Collaboration Services………….Makes."

Similar presentations


Ads by Google