NAAS 2.0 Features and Enhancements

Enhancements
- Incorporates the latest federal cryptographic standards (FIPS)
- Added XML Key Management Services version 2.0
- Integrated with the federal E-Authentication Initiative
- Performance improvements

Important for standardizing PKI support internally in CDX
- Incorporates the latest federal cryptographic standards for XML signature and XML encryption support.
- Includes XML Key Management Services version 2.0.
  - Provides a web services based interface for managing credentials.
  - Simplifies the way we manage PKI infrastructure.
  - Further secures the CDX and the Exchange Network and simplifies CROMERR compliance.

Certificate Arbitration Module (CAM)
- Provides support for multiple PKI certificates and establishes a federated approach to authentication.
- States, other Feds, industry
- Leading effort for the federal E-Authentication Initiative.
- The latest HHS version of the E-Authentication CAM was deployed and integrated into the Network Authentication and Authorization Services.

Trust Framework
- Can establish trust with other credential providers through token sharing and cross validation.
- Allow sharing of identity information with other identity stores securely.
- Promote Single Sign-on (SSO) across domains and applications.

Strong Authentication
- Provide many authentication mechanisms such as digest auth, key auth and certificate auth.
- Support e-Authentication and the government-wide trust network.
- Validate external certificates using the Certificate Arbitration Module (CAM).
- Promote Secure Authentication Key (SAK) for machine-to-machine authentication.

Authorization Policy Enhancements
- Support both role-based and entity-based access control rules.
- Subjects in policy setting can be either account name or group name.
- Grant rights to administrators of the same node to manage all accounts and policies within the node.
- Enforce default policies automatically if resource URI is provided in the Validate call.

XML Key Management Services
- XKMS 2.0 is now a component in NAAS 2.0.
- Support all standard XKMS methods for key and certificate management.
- Provide online registration of keys, issuance of certificates, and validation of certificates.
- XKMS services have been integrated with the Node Client 2007 and will be accessible through CDX in the future.

Internal Architecture Changes
- Uses a FIPS-compliant security module for encryption and signature.
- Performance enhancement across the board using the latest tools.
- Denial of Service (DoS) attack detection and prevention.
- Protection against buffer overruns, stack overflows and other software exceptions.