Presentation is loading. Please wait.

Presentation is loading. Please wait.

The FBCA Architecture: Lessons Learned Tim Polk, NIST March 9, 2001.

Published byBertina Harrell Modified over 8 years ago

Similar presentations

Presentation on theme: "The FBCA Architecture: Lessons Learned Tim Polk, NIST March 9, 2001."— Presentation transcript:

1 The FBCA Architecture: Lessons Learned Tim Polk, NIST March 9, 2001

2 FBCA Goals Leverage emerging agency PKIs to create a unified federal PKI Limit workload agency CA staff Support agency use of –Any FIPS-approved cryptographic algorithm –A broad range of commercial CA products Propagate policy information to certificate users in different agencies

3 EMA Challenge Architecture

4 Multiple CAs in FBCA Membrane Support multiple cryptographic algorithms Support for multiple certificate management protocols

5 FBCA architecture FBCA CAs –Offline –No network connectivity FBCA directory online

6 An Alternative Bridge Architecture Bridge CAs offline but have network connectivity Internal directory Firewall (strict) Border Directory

7 FBCA Directory Architecture Chained X.500 directories Dual-rooted FBCA directory is “hub” –dc=gov –o=U.S. Government, c=US

8

9 Lessons Learned Bridge CAs can unite PKIs with –Different architectures –Different cryptographic algorithms –Different DITs Heterogeneous commercial products can be used inside the bridge Client software is the limiting factor X.500 chaining simplifies certificate retrieval Offline bridge architecture is secure but inefficient

Download ppt "The FBCA Architecture: Lessons Learned Tim Polk, NIST March 9, 2001."

Similar presentations

NIH-EDUCAUSE PKI Interoperability Project Electronic Grant Application With Multiple Digital Signatures Peter Alterman, Ph.D. Director of Operations Office.

NIH-EDUCAUSE PKI Interoperability Project Electronic Grant Application With Multiple Digital Signatures Peter Alterman, Ph.D. Director of Operations Office.
Introduction to z/OS Security Lesson 4: There’s more to it than RACF

Introduction to z/OS Security Lesson 4: There’s more to it than RACF
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Federal PKI Architecture Update

Federal PKI Architecture Update
The U.S. Federal PKI Richard Guida, P.E. Chair, Federal PKI Steering Committee Chief Information Officers Council 202-622-1552.

The U.S. Federal PKI Richard Guida, P.E. Chair, Federal PKI Steering Committee Chief Information Officers Council
Ongoing Efforts to Build The US Federal PKI Bridge

Ongoing Efforts to Build The US Federal PKI Bridge
Stanley J. Choffrey (202) 708-7943 The Federal Bridge Certification Authority Evolving Issues in Electronic Data Collection January.

Stanley J. Choffrey (202) The Federal Bridge Certification Authority Evolving Issues in Electronic Data Collection January.
Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.
15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Public Key Infrastructure Ben Sangster February 23, 2006.

Public Key Infrastructure Ben Sangster February 23, 2006.
PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.
Tim Polk, NIST wpolk@nist.gov PKI Overview Tim Polk, NIST wpolk@nist.gov.

Tim Polk, NIST PKI Overview Tim Polk, NIST
Uncle Sam, Meet The PKI! Richard Guida Chair, Federal PKI Steering Committee Michèle Rubenstein Department of the Treasury,

Uncle Sam, Meet The PKI! Richard Guida Chair, Federal PKI Steering Committee Michèle Rubenstein Department of the Treasury,
Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.
CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.
The U.S. Federal PKI and the Federal Bridge Certification Authority

The U.S. Federal PKI and the Federal Bridge Certification Authority
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.
SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  March 14, 2002.

SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  March 14, 2002.

Similar presentations

Ads by Google