Browser User Certificate Mail Box VOMS-Admin Host Tomcat TR1) Users Trusts “VOMS-Admin” server identity. step1 TR2) User Trusts data (Data1, HTML response)

Slides:

Advertisements

Similar presentations

MFA for Business Banking – Security Questions with 2nd Request Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing.

Advertisements

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

MFA for Business Banking – Security Questions with Reset Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

PowerPoint presentation of first 25 pages of instructional manual Edith Fabiyi Essentials of Internet Access.

Research and Innovation Participant Portal How to register for an ECAS account NEXT.

Lecture 6/2/12. Forms and PHP The PHP $_GET and $_POST variables are used to retrieve information from forms, like user input When dealing with HTML forms.

Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.

Existing Customer: Please visit Bonaqua Website for registration.

Design of Web-based Systems IS Development: lecture 10.

CMSC 414 Computer (and Network) Security Lecture 16 Jonathan Katz.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Infrastructure for Multi-Professional Education and Training Using Shibboleth.

Creating your website Using Plain HTML. What is HTML? ► Web pages are authored in HyperText Markup Language (HTML) ► Plain text is marked up with tags,

ASP Cookies Y.-H. Chen International College Ming-Chuan University Fall, 2004.

1 Enabling Secure Internet Access with ISA Server.

CO1552 Web Application Development HTML Forms. Websites can be made more interactive by providing facilities for users to provide data To get user entered.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

The EPIKH Project (Exchange Programme to advance e-Infrastructure Know-How) VOMS Installation and configuration Bouchra

UNAMgrid CA Juan Carlos Guel UNAM, México. Alejandro Núñez UNAM, México. Israel Becerril UNAM, México. DGSCA UNAM 31/08/06.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

CHAPTER 11 Spoofing Attack. INTRODUCTION Definition Spoofing is the act of using one machine in the network communication to impersonate another. The.

Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.

In the web address box enter Enter your user ID (first and last initial 7 digit ID number) Select Log in.

PHP1-1 PHP Lecture 2 Xingquan (Hill) Zhu

Moving towards VOMS-admin Alberto Rodríguez Peón IT-PES-PS.

SDS ACCOMMODATE: Student Portal Semester Request Form ( Request for Classroom Accommodations ) Student Disability Services.

Module 3 Managing Recipient Objects. Module Overview Managing Mailboxes Managing Other Recipients Configuring Address Policies Configuring Address.

CIS 450 – Network Security Chapter 4 - Spoofing. Definition - To fool. In networking, the term is used to describe a variety of ways in which hardware.

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

BeamAuth : Two-Factor Web Authentication with a Bookmark 14 th ACM Conference on Computer and Communications Security Ben Adida Presenter : SJ Park.

Next Steps: becoming users of the NGS Mike Mineter

MEMBERSHIP AND IDENTITY Active server pages (ASP.NET) 1 Chapter-4.

10 1 Hidden Fields and CGI/Perl Programming By Diane Zak.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Authentication and Authorisation for Research and Collaboration Peter Solagna Milano, AARC General meeting Current status and plans.

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

Grid Security and Identity Management Mine Altunay Security Officer, Open Science Grid, Fermilab.

Securing Web Applications Lesson 4B / Slide 1 of 34 J2EE Web Components Pre-assessment Questions 1. Identify the correct return type returned by the doStartTag()

EGI-InSPIRE RI Grid Training for Power Users EGI-InSPIRE N G I A E G I S Grid Training for Power Users Institute of Physics Belgrade.

Gilda certificates. Certification Authority

Access to the GRID Access by means of an User Interface (UI). It could be: –A dedicated PC, installed in a similar way to the others grid elements –UI.

Academia Sinica Grid Computing Certification Authority F2F interview (Malaysia )

Internet The internet is the largest computer network system in the world. It consists of many smaller networks connected together by a global public.

1] MTNL ID user with/without static IP

Munix Bus WiFi Authentication, Log Management, Internet Security, Content Filter & VPN Service Internet Gateway & Business Intelligence

HA CRER Portal - Quick User Guide

Setting and Upload Products

CAS and Web Single Sign-on at UConn

Some bits on how it works

CRC exercises Not happy with the way the document for testbed architecture is progressing More a collection of contributions from the mware groups rather.

Networking for Home and Small Businesses – Chapter 6

Roadrunner Error 530 Call 1 (888) Toll-free

Yahoo Support Ireland Toll-Free Number:

Networking for Home and Small Businesses – Chapter 6

Database Driven Websites

Chapter 27: System Security

Flowserve Distributor Online Store & Portal

Web Systems Development (CSC-215)

Flowserve Distributor Online Store & Portal

REQUESTING ACCESS TO FMBS

Certificate Revocation

Creating an Intelink Passport Account intelink

How to Delete a Requisition Using Owl Link

Networking for Home and Small Businesses – Chapter 6

Using “virtual” Data Provider capabilities

Your computer is the client

FIRST TIME USER - REGISTRATION INSTRUCTIONS

Presentation transcript:

browser User Certificate Mail Box VOMS-Admin Host Tomcat TR1) Users Trusts “VOMS-Admin” server identity. step1 TR2) User Trusts data (Data1, HTML response) sent from the Server only perform authorized actions; data is not corrupted; and data is sent by the VOMS_Admin server. User trusts “Data1” for (Integrity, Authenticity, Authorization) properties TR3) VOMS-Admin Trusts data (Data2, certificate and the request) from the user only performs authorized activity (nothing other than registering or removing user’s own account) and VOMS-Admin trusts that Data2 is sent by the user owning the DN in the request. VOMS-Admin trusts Data2 for (Authorization, Authenticity, Integrity) Connect to VOMS- Admin and requests Membership (1) Requests data (2) Sends request and Certificate data(3)

Because of TR2 and TR3, a user trusts data submitted from all other users. TR4) A user trusts “Data4” sent from another user to only perform authorized actions. This is relationship has the assumption that Data1 may have an effect on Data2, and Data4 has an affect on Data3. Otherwise, the trust relationship is not held true. User1 VOMS-Admin Server Trusts Data1 for (Integrity, Authorization, Authenticity) Trusts Data2 for (Integrity, Authorization, Authenticity) User2 Data1 Data2 Data3 Data4 Trusts Data3 Trusts Data4 Trusts Data4 for (Integrity, AuthN AuthZ) Trusts Data1 for (Integrity, AuthN AuthZ)

Voms-Admin SMTP Server Mail Box Mail Box user Sends to user confirmation User Confirms owning the address TR5) Voms-Admin trusts that the address is not malicious (has no malicious script) TR6) VOMS-Admin assumes only user can have access to the address TR7) SMTP server trusts address is not malicious (has no malicious script) TR8) User trusts the is from VOMS-Admin (not spoofed) TR9) User trusts the has no malicious links (the link for confirmation takes the user to the real VOMS-Admin web page and Does not try to compromise user’s computer)

VOMS-Admin SMTP Server Mail Box Mail Box VO-Admin Sends membership request membership request VO-Admin approves Or rejects the request TR10) VOMS-Admin Trusts that the address of VO-Admin is not malicious (does Not contain a script). TR11) VOMS-Admin Trusts only the VO-Admin can access the address TR12) The VO-Admin Trusts the really come from the VOMS-Admin (not spoofed) TR13) VO-Admin Trusts that the has no malicious links or scripts TR14) VOMS-Admin Trusts only VO-Admin can access approval/rejection portal. VOMS-Admin Trusts the browser cookie of VO-Admin. VOMS-Admin assumes nobody can access the cookie except the VO-Admin