Inside the PKI Framework: * Activating the Puzzle Pieces PKI Summit Snowmass August 10 2001.

Slides:



Advertisements
Similar presentations
May 06, 2002 Getting Started with Digital Certificates: Is PKI-Lite Real PKI? Internet2 Spring Meeting 2002 Wash, DC.
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E IEPG March 2000 APNIC Certificate Authority Status Report.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Access management for repositories: challenges and approaches for MAMS James Dalziel Professor of Learning Technology and Director, Macquarie E-Learning.
Grid Computing Basics From the perspective of security or An Introduction to Certificates.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
CREN-Mellon conference, December 1, 2001 University of Texas PKI Status.
HEPKI-TAG Activities January 2002 CSG Meeting Jim Jokl
1 HEPKI-TAG Update EDUCAUSE/Dartmouth PKI Summit July 26, 2005 Jim Jokl University of Virginia.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
Monitoring and Supervision Seminar 15 June 2006, Rotterdam, The Netherlands Safe and trustworthy access in a working environment: the MoodlePKI project.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
Dartmouth PKI Deployment Robert Brentrup PKI Summit July 14, 2004.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E 36th RIPE Meeting Budapest 2000 APNIC Certificate Authority Status Report.
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
UNCLASS DoD Public Key Infrastructure LCDR Tom Winnenberg DISA API1 Chief Engineer 25 April 2002.
Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.
1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.
1 11 th Fed/Ed PKI Meeting Some quick updates from recent HEPKI-TAG and SURA work Jim Jokl
9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.
1 Grids and PKI Bridges (Globus Toolkit) EDUCAUSE/Dartmouth PKI Summit July 26, 2005 Shelley Henderson - USC Jim Jokl - Virginia.
Technical Issues that Challenge PKI Deployments Jim Jokl University of Virginia PKI Meeting August 12, 2004.
Virginia Tech Overview of Tech Secure Enterprise Technology Initiatives e-Provisioning Group Frank Galligan Fed/Ed.
Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Security with Alpha Five App Server Protecting sensitive or personal data.
Aegis Identity Software, Inc. presents Trends in Identity and Access Management in Higher Education to US Federations June 20, 2012 Janet Yarbrough – Director.
1 PKI Update September 2002 CSG Meeting Jim Jokl
F. Guilleux, O. Salaün - CRU Middleware activities in French Higher Education.
CREN Certificate Authority Project: Update from Georgia Tech Ron Hutchins 28 March 2000.
HEPKI-TAG UPDATE Jim Jokl University of Virginia
1 PKI & USHER/HEBCA Fall 2005 Internet2 Member Meeting Jim Jokl September 21, 2005.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.
ArcGIS Server and Portal for ArcGIS An Introduction to Security
X.509/PKI There is progress.... Topics Why PKI? Why not PKI? The Four Stages of X.509/PKI Other sectors Federal Activities - fBCA, NIH Pilot, ACES, other.
Configuring Directory Certificate Services Lesson 13.
CAMP PKI UPDATE August 2002 Jim Jokl
Co Chairs C. W. Goldsmith University of Alabama at Birmingham David L. Wasley University of California Office of the President.
Security and Privacy Policy The World Has Changed! Common Solutions Group Jack McCredie January 9, 2004.
U.S. Department of Agriculture eGovernment Program July 15, 2003 eAuthentication Initiative Pre-Implementation Status eGovernment Program.
CERTIFICATES. What is a Digital Certificate? Electronic counterpart to a drive licenses or a passport. Enable individuals and organizations to secure.
My.umich.edu Partial Integration of Dynamic Services with Visual Design.
NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.
Evolution of the Open Science Grid Authentication Model Kevin Hill Fermilab OSG Security Team.
Building Security into Your System Bill Major Gregory Ponto.
PKI Activities at Virginia September 2000 Jim Jokl
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian
Slide 1 August CSF NEbraskaCERT Certificate Authority Matthew G. Marsh 08/20/03.
Internet2 Middleware Initiative Shibboleth Ren é e Shuey Systems Engineer I Academic Services & Emerging Technologies The Pennsylvania State University.
Leveraging Campus Authentication for Grid Scalability Jim Jokl Marty Humphrey University of Virginia Internet2 Meeting April 2004.
Higher Ed Certificate Authority by CREN: Update CSG February 2, 2000.
Day 3 Roadmap and PKI Update. When do we get to go home? Report from the BoFs CAMP assessment, next steps PKI technical update Break Research Issues in.
The Trusted Network · · · LEFIS PKI · · · 2 nd June, 2006 · Sofia by Leonardo Catalinas · May 2006
X509 Web Authentication From the perspective of security or An Introduction to Certificates.
Gilda certificates. Certification Authority
1 US Higher Education Root CA (USHER) Update Fed/Ed Meeting December 14, 2005 Jim Jokl University of Virginia.
Certificate Security For Users Obtaining and Using Your Personal Certificate using the OSG PKI Kyle Gross – OSG Operations Support Lead Elizabeth Prout.
Secure Enterprise Technology Initiatives e-Provisioning Group
Dartmouth College Status Report
Lecture 4 - Cryptography
Fed/ED December 2007 Jim Jokl University of Virginia
Building Security into Your System
September 2002 CSG Meeting Jim Jokl
Presentation transcript:

Inside the PKI Framework: * Activating the Puzzle Pieces PKI Summit Snowmass August

8/10/01www.cren.net2 Themes —(1)Parallelism and (2) Build on What We Have… 1. Technical developments (TAG) 2. Policy Developments (PAG) 3. Web Lite & Ultra-Lite PKI Services

PKI is a complex set of technologies — Thus lots of pieces... Theme #3: Time to Get Started...

8/10/01www.cren.net4 Sample Uses of Digital Certificates with Web Applications from Campuses  Inter-library Loan Requests  Student Registration  Transcripts  Faculty to see grade reports, etc  Students to see their grade reports  Housing Lottery  HR Self Service  E-commerce  Access to Class or Departmental Materials  Access to journals from non-campus machines  Portal Authentication  Network Requests From HEPKI-TAG /J. Jokl Chart

8/10/01www.cren.net5 What Can CREN Bring to this Space?  Educational Services  CA Higher education services, tailored to and responsive to higher education

8/10/01www.cren.net6 Adding Value with CREN CA Services  Intra-campus Services - Web Server Certificates l Support secure web server applications and services Solves need for secure authorization for campus services  Inter-Institutional Services - Institutional Certs l Support secure and convenient access to learning and research materials anywhere and anytime Solves messy problems associated with proxy servers Certifies Campus Certificates for many purposes  Both Campus and Inter-Institutional Services - Institutional Certs l Support secure and signed Solves problems of sending documents and communications securely and with integrity

8/10/01www.cren.net7 Web Server Certs Service Web Server Certs Service Campus Services - Authorization - Signed, Secure Campus Services - Authorization - Signed, Secure PKI Landscape…The Campus Infrastructure for Digital Certs Campus Infrastructure - Know Your People - Issue Digital Certificates - Setup Secure Servers Campus Infrastructure - Know Your People - Issue Digital Certificates - Setup Secure Servers CREN CA Institutional Certificate Service

8/10/01www.cren.net8 Core PKI Pieces - Campus Packaging

8/10/01www.cren.net9 Supporting CA Services Overview  Policy work l Supporting the HE_CP Work l Update CREN CPS (January 27, 2000)  Educational Services - Seminars, etc  Getting Started Projects  Certificate Repository

8/10/01www.cren.net10 CA Educational Services  Seminars l Directories and Certificate Authority Services January and June 2001 Supported by NSF Almost 100 institutions represented... Survey on state of implementation at campuses...  Frequently Asked Questions (FAQ) Series PKI Infrastructure (1999) Institutional Directories (April, 2000)

8/10/01www.cren.net11 CA Educational Services - What’s Next?  Seminars l Directories and Certificate Authority Services More being planned… Clear requests/feedback on what to do next...  Web site updating  CA Bulletins - Examples l Loading Root Certificates l Accessing JSTOR with Digital Certificates  TechTalks...

8/10/01www.cren.net12 CREN CA Web Server Certificates  Available now  Self-signed root issued on July 12, 2001, valid until July 10, 2009  Issued to institutions via existing institutional technical contacts l One contact/conduit per institution l Quick turnaround after CSR is received  Users will load CREN root into browser - See “Root Bulletin” and web site

8/10/01www.cren.net13 Getting Started with Dig Certs - The JSTOR Project  Goal: l Use digital certificates to access JSTOR l Draft Bulletin…  Project supported by Mellon  A PKI-Lite Project using rudimentary level of assurance (LOA)  Project just redesigned over last two weeks  Org Committee recommended to focus on librarians and 2-3 content providers

8/10/01www.cren.net14 Getting Started with Dig Certs - The JSTOR Project  Meeting at Internet2/Austin  Institutions with IT people and librarians who work well together  Invite institutions  Proposed scope of project... l Issue certificates to needy faculty, students l Develop materials to enthuse and disseminate information and opportunity l Report on projects at Spring CNI

8/10/01www.cren.net15 Getting Started with Dig Certs - The JSTOR Project  JSTOR is ready — is digital certificate- enabled with a log-in url ready  Applies three tests to certificates l Is the issuer of certificate, such as U of Minn in their current licensee database? l Is the certificate a valid certificate, in that it has not expired? l Is the certificate a valid certificate — does it contain a valid chain to a recognized root, i.e. CREN?

8/10/01www.cren.net16 Web Server Certs Service Web Server Certs Service Campus Uses - Authorization - Signed, Secure Campus Uses - Authorization - Signed, Secure The Campus Infrastructure and Link to Content Providers Campus Infrastructure - Know Your People - Issue Digital Certificates - Setup Secure Servers Campus Infrastructure - Know Your People - Issue Digital Certificates - Setup Secure Servers Content Providers - Non-Profit - For-Profit - University Databases CREN CA Institutional Certificate Service

8/10/01www.cren.net17 Making progress… “Because it is Time”

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.