Browser User Certificate Mail Box VOMS-Admin Host Tomcat TR1) Users Trusts “VOMS-Admin” server identity. step1 TR2) User Trusts data (Data1, HTML response)


1
Diagram components: Browser, User, Certificate, Mail Box, VOMS-Admin Host, Tomcat.
Step 1 flow: connect to VOMS-Admin and request membership (1); request data (2); send request and certificate data (3).

TR1) The user trusts the “VOMS-Admin” server identity.

TR2) The user trusts that the data (Data1, the HTML response) sent from the server only performs authorized actions, is not corrupted, and is sent by the VOMS-Admin server. The user trusts “Data1” for the (Integrity, Authenticity, Authorization) properties.

TR3) VOMS-Admin trusts that the data (Data2, the certificate and the request) from the user only performs authorized activity (nothing other than registering or removing the user’s own account), and VOMS-Admin trusts that Data2 is sent by the user owning the DN in the request. VOMS-Admin trusts Data2 for (Authorization, Authenticity, Integrity).

2
Because of TR2 and TR3, a user trusts data submitted from all other users.

TR4) A user trusts “Data4” sent from another user to only perform authorized actions. This relationship rests on the assumption that Data1 may have an effect on Data2, and that Data4 has an effect on Data3. Otherwise, the trust relationship does not hold.

Diagram: User1, VOMS-Admin Server and User2, connected by Data1, Data2, Data3 and Data4.
Diagram labels:
Trusts Data1 for (Integrity, Authorization, Authenticity)
Trusts Data2 for (Integrity, Authorization, Authenticity)
Trusts Data3
Trusts Data4
Trusts Data4 for (Integrity, AuthN, AuthZ)
Trusts Data1 for (Integrity, AuthN, AuthZ)

3
Diagram: VOMS-Admin, SMTP Server, Mail Box, User. VOMS-Admin sends an email confirmation to the user; the user confirms owning the email address.

TR5) VOMS-Admin trusts that the email address is not malicious (has no malicious script).

TR6) VOMS-Admin assumes that only the user can access the email address.

TR7) The SMTP server trusts that the email address is not malicious (has no malicious script).

TR8) The user trusts that the email is from VOMS-Admin (not spoofed).

TR9) The user trusts that the email has no malicious links (the confirmation link takes the user to the real VOMS-Admin web page and does not try to compromise the user’s computer).
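
TR3 and TR5 are assumptions about user-supplied data, so a server can turn them into checks instead of trusting them. The following is an added example, not code from the presentation or from VOMS-Admin; the function names, the action names and the simplified DN comparison are assumptions made for illustration.

```python
import re

ALLOWED_ACTIONS = {"register", "remove"}  # hypothetical names for TR3's two actions
# Conservative address syntax: no whitespace, CR/LF, quotes or angle brackets,
# so neither script markup nor injected mail headers can ride along (TR5, TR7).
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")


def normalize_dn(dn):
    """Simplified canonical form for OpenSSL-style '/DC=org/CN=Name' DNs."""
    parts = []
    for comp in dn.strip().split("/"):
        if comp.strip():
            key, _, value = comp.partition("=")
            parts.append((key.strip().lower(), value.strip()))
    return tuple(parts)


def check_membership_request(cert_dn, request):
    """Return the trust relationships a request violates; empty means accept.

    cert_dn: subject DN from the already verified TLS client certificate.
    request: dict with 'action', 'dn' and 'email' taken from the submitted form.
    """
    violations = []
    if request.get("action") not in ALLOWED_ACTIONS:
        violations.append("TR3: action is not register/remove")
    cert = normalize_dn(cert_dn)
    if not cert or normalize_dn(request.get("dn", "")) != cert:
        violations.append("TR3: request DN is not the certificate DN")
    email = request.get("email", "")
    if len(email) > 254 or not EMAIL_RE.fullmatch(email):
        violations.append("TR5: email address rejected")
    return violations


# Constructed sample data, not taken from a real VO.
CERT_DN = "/DC=org/DC=example/CN=Alice Example"
GOOD = {"action": "register", "dn": "/dc=org/dc=example/CN=Alice Example",
        "email": "alice@example.org"}
BAD = {"action": "grant-role", "dn": "/DC=org/DC=example/CN=Bob Example",
       "email": "<script>x</script>@example.org"}

if __name__ == "__main__":
    print(check_membership_request(CERT_DN, GOOD))
    for v in check_membership_request(CERT_DN, BAD):
        print(v)
```

The address check only constrains syntax; TR6 (only the user can read the mailbox) still has to be established by the confirmation email itself.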

4
Diagram: VOMS-Admin, SMTP Server, Mail Box, VO-Admin. VOMS-Admin sends the membership request to the VO-Admin; the VO-Admin approves or rejects the request.

TR10) VOMS-Admin trusts that the email address of the VO-Admin is not malicious (does not contain a script).

TR11) VOMS-Admin trusts that only the VO-Admin can access the email address.

TR12) The VO-Admin trusts that the email really comes from VOMS-Admin (not spoofed).

TR13) The VO-Admin trusts that the email has no malicious links or scripts.

TR14) VOMS-Admin trusts that only the VO-Admin can access the approval/rejection portal. VOMS-Admin trusts the browser cookie of the VO-Admin. VOMS-Admin assumes nobody can access the cookie except the VO-Admin.
