Presentation is loading. Please wait.

Presentation is loading. Please wait.

NAAS 2.0 Features and Enhancements

Published byΣπύρο Κυπραίος Modified over 5 years ago

Similar presentations

Presentation on theme: "NAAS 2.0 Features and Enhancements"— Presentation transcript:

1 NAAS 2.0 Features and Enhancements

2 Incorporates the latest federal cryptographic standards (FIPS)
Enhancements Incorporates the latest federal cryptographic standards (FIPS) Added XML Key Management Services version 2.0 Integrated with the federal E-Authentication Initiative Performance Improvements Important for standardizing PKI support internally in CDX Incorporates latest federal cryptographic standards for XML signature and XML encryption support. Includes XML Key Management Services version 2.0. provides a web services based interface for managing credentials. simplifies the way we manage PKI infrastructure. further secure the CDX and the Exchange Network and simplify CROMERR compliance. Certificate Arbitration Module (CAM) Provides support for multiple PKI certificates and establishes a federated approach to authentication. States Other Feds Industry Leading effort for the federal E-Authentication Initiative. Latest HHS version of the E Authentication CAM was deployed and integrated into the Network Authentication and Authorization Services. .

3 Trust Framework Can establish trust with other credential providers through token sharing and cross validation. Allow sharing of identity information with other identity stores securely. Promote Single Sign-on (SSO) across domains and applications.

4 Strong Authentications
Provide many authenticate mechanisms such as digest auth, key auth and certificate auth. Support e-Authentication and government wide trust network. Validate external certificates using Certificate Arbitration Module (CAM). Promote Secure Authentication Key (SAK) for machine to machine authentications.

5 Authorization Policy Enhancements
Support both role-based and entity-based access control rules. Subjects in policy setting can be either account name or group name. Grant rights to administrators of the same node to manage all accounts and policies within the node. Enforce default policies automatically if resource URI is provided in the Validate call.

6 XML Key Management Services
XKMS 2.0 is now a component in NAAS 2.0. Support all standard XKMS methods for key and certificate management. Provide online registration of keys, issuance of certificates, and validation of certificates. XKMS services have been integrated with the Node Client 2007 and will be accessible through CDX in the future.

7 Internal Architecture Changes
Uses FIPS-compliant security module for encryption and signature. Performance enhancement cross the board using latest tools. Denial of Service (DoS) attack detection and prevention. Protection of buffer overrun, stack overflow and other software exceptions.

Download ppt "NAAS 2.0 Features and Enhancements"

Similar presentations

NRL Security Architecture: A Web Services-Based Solution

NRL Security Architecture: A Web Services-Based Solution
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
PKI Implementation in the Real World

PKI Implementation in the Real World
Implementing and Administering AD FS

Implementing and Administering AD FS
April 18, 2006 Shared Services Tools and Technologies.

April 18, 2006 Shared Services Tools and Technologies.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.

“...creating knowledge.” Enabling Digital Content Protection on Super-Distribution Models - Carlos Serrão ISCTE – Intituto Superior.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.

U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.

Dorian Grid Identity Management and Federation Dialogue Workshop II Edinburgh, Scotland February 9-10, 2006 Stephen Langella Department.
Understanding Active Directory

Understanding Active Directory
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Network Shared Services. Shared Services –Network Authentication and Authorization Services –Exchange Network Discovery Service –Universal Description.

Network Shared Services. Shared Services –Network Authentication and Authorization Services –Exchange Network Discovery Service –Universal Description.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –

Identity and Access Management IAM A Preview. 2 Goal To design and implement an identity and access management (IAM) middleware infrastructure that –
Web services security I

Web services security I
Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure from the Most Trusted Name in e-Security.
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Similar presentations

Ads by Google