PKI Summit August 2004 Technical Issues to Deploying PKI on Campuses.

Slides:

Advertisements

Similar presentations

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.

Advertisements

May 06, 2002 Getting Started with Digital Certificates: Is PKI-Lite Real PKI? Internet2 Spring Meeting 2002 Wash, DC.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

Federal PKI Architecture Update

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

Certificate Interoperability S&I Framework Initiative Final Report August 17, 2011.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

NIH – EDUCAUSE PKI Interoperability Pilot Update Peter Alterman, Ph.D. Director of Operations, Office of Extramural Research, NIH and Senior Advisor to.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

Uncle Sam, Meet The PKI! Richard Guida Chair, Federal PKI Steering Committee Michèle Rubenstein Department of the Treasury,

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed June 2005.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

The U.S. Federal PKI and the Federal Bridge Certification Authority

The PKI Lab at Dartmouth. Dartmouth PKI Lab R&D to make PKI a practical component of a campus network Multi-campus collaboration sponsored by the Mellon.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.

NIH-EDUCAUSE Interoperability Project, Phase 3: Fulfilling the Promise Dartmouth PKI Implementation Workshop Peter Alterman, Ph.D. Assistant CIO for E-Authentication.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress July 2004 Dartmouth PKI Summit.

Federal Bridge Certification Authority n Background n Overview n EMA Challenge Test structure n Participants n Results n Conclusions and lessons learned.

HEBCA – Higher Education Bridge Certification Authority Presented by Scott Rea and Mark Franklin, Fed/Ed Meeting, 12/14/2005.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.

1 11 th Fed/Ed PKI Meeting Some quick updates from recent HEPKI-TAG and SURA work Jim Jokl

9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.

The Federal Bridge Certification Authority – Description and Current Status Peter Alterman, Ph.D. Senior Advisor to the Chair, Federal PKI Steering Committee.

The U.S. Federal PKI, 2004: Report to EDUCAUSE Peter Alterman, Ph.D. Assistant CIO for E-Authentication National Institutes of Health.

Public Key Infrastructure from the Most Trusted Name in e-Security.

1 Digital Credential for Higher Education John Gardiner August 11, 2004.

1 Grids and PKI Bridges (Globus Toolkit) EDUCAUSE/Dartmouth PKI Summit July 26, 2005 Shelley Henderson - USC Jim Jokl - Virginia.

Transforming Education Through Information Technologies Common Solutions Group, January, 2002 (Sanibel Island) HEBCA: Higher Education.

HEBCA Overview Internet2 Meeting, Fall 2002 Michael R Gettes Georgetown University

1 PKI & USHER/HEBCA Fall 2005 Internet2 Member Meeting Jim Jokl September 21, 2005.

16 June ‘04Fed/ED1 Filling the FPKI Void Tice F. DeYoung Fed/ED 16 June ‘04.

X.509/PKI There is progress.... Topics Why PKI? Why not PKI? The Four Stages of X.509/PKI Other sectors Federal Activities - fBCA, NIH Pilot, ACES, other.

GC Credential Management Evolution for the OASIS/World Bank eGov Workshop 17 th April, 2009For information, please contact:

The NIH PKI Pilots Peter Alterman, Ph.D. … again.

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

Update on PKI Activities in the Spanish Academic Network PKI-COORD November 26, Amsterdam.

PKI and the U.S. Federal E- Authentication Architecture Peter Alterman, Ph.D. Assistant CIO for e-Authentication National Institutes of Health Internet2.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

I-CIDM Bridge to Bridge Working Group (BBWG) Purpose and Activities Fed-Ed Meeting The Fairmont Hotel Washington, DC December 14, 2004 Debb Blanchard Enspier.

HEBCA Overview CSG, uWash, 2002 Michael R Gettes Georgetown University

The Federal PKI Or, How to Herd Worms Peter Alterman Senior Advisor, Federal PKI Steering Committee.

Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.

Leveraging Campus Authentication for Grid Scalability Jim Jokl Marty Humphrey University of Virginia Internet2 Meeting April 2004.

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

PKI Session Overview 1:30 pm edt - Welcome, etiquette, session outline 1:40 pm edt - HEPKI-TAG Update (Jim Jokl, Virginia) 2:00 pm edt - HEPKI-PAG Update.

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

Higher Ed Bridge CA Extending Trust Across Higher Education - And Beyond David L. Wasley University of California.

Bridge Certification Architecture A Brief Overview by Tim Sigmon May, 2000.

Shibboleth Trust Model Shibboleth/SAML Communities (aka Federated Administrations) Club Shib Club Shib Application process Policy decision points at the.

HEBCA – The Operating Authority July 2005 Dartmouth PKI Summit.

Day 3 Roadmap and PKI Update. When do we get to go home? Report from the BoFs CAMP assessment, next steps PKI technical update Break Research Issues in.

Libpkix & CertPath: Bringing High Quality Certificate Handling to the Masses PKI Higher Education Summit July 14, 2004 Steve Hanna, Sun Microsystems, Inc.

Welcome to Base CAMP: Enterprise Directory Deployment Ken Klingenstein, Director, Internet2 Middleware Initiative Copyright Ken Klingenstein This.

Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council

Certification Path Processing in the Tumbleweed Validation Authority Product Line Federal Bridge CA Meeting 10/14/2004 Stefan Kotes, Engineering Manager.

Trusted Electronic Communications for Federal Student Aid Mark Luker Vice President EDUCAUSE Copyright Mark Luker, This work is the intellectual.

Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority Meet FedFed.

Interoperability and the Evolving Federal PKI Richard Guida, P.E. Member, Government Information Technology Services Board Chair, Federal PKI Steering.

1 US Higher Education Root CA (USHER) Update Fed/Ed Meeting December 14, 2005 Jim Jokl University of Virginia.

Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.

1 XML Key Management Specification XKMS Dr Phillip Hallam-Baker FBCS CEng. VeriSign Inc.

E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.

Federation Systems, ADFS, & Shibboleth 2.0

U.S. Federal e-Authentication Initiative

Public Key Infrastructure from the Most Trusted Name in e-Security

Technical Approach Chris Louden Enspier

Inter-institutional Trust Fabric Overview and Synergies

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Sixth Annual PKI Summit at Snowmass, Colorado August 2004.

Presentation transcript:

PKI Summit August 2004 Technical Issues to Deploying PKI on Campuses

Technical Issues  Determining the scope of the PKI within a Campus and/or Campuses –What is easy to implement and provides a broad acceptance? Mutual authenticated Web Services

Technical Issues  PKE –Enabling Legacy Applications Its difficult to do How do you Authenticate Users to these applications –Proxy Authentication via Web Server then how do you map that to authorizations to these apps. –New Applications and COTs based PKI Libraries Do they support PKI the way I need it. –Validation through (CRLS, OCSP, SCVP, XKMS, Bridge aware) –CML (Digitalnet), IAIK Java tools, Peter Guttmans PKI, Suns PKI libs

Technical Issues  Consistent Certificate Profiles –Are the certificates being manufactured in a manor that enable Maximum Interoperability?

Technical Issues  Consistent Processing of Certificates and Extensions –Validation Methods –Discovery of Paths and Validation of Paths  Standards are to flexible there are to many options. –Europeans are doing things differently than the US.

Betrusted Shared Service Provider (SSP)

What is it in a nutshell?  A pre-qualified PKI services for Federal Agencies –Issue certificates to Federal Employees and Affiliated personnel –Hierarchical PKI signed by a Federal Root which is cross-certified to the FBCA. -All vendors must comply with the Federal Common Policy

So Betrusted is interested in providing a Higher Ed Solution  I will be looking talk with Edu-Cause about Betrusted providing PKI pricing based on a variant of our SSP.