Presentation is loading. Please wait.

Presentation is loading. Please wait.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current."— Presentation transcript:

1 May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current Campus Authentication Methodologies Authentication Advanced Technology Project Briefly Discuss UC Davis Interest in Middleware and Authentication

2 May 22, 2002 UC Davis Security Architecture

3 May 22, 2002 UC Davis Security Architecture Prevention: Proactive and reactive information security policies, standards, procedures, guidelines, tools, security awareness programs and authentication and authorization methodologies Assurance: Tools and strategies to evaluate and maintain an effective information security program, such as security vulnerability assessments Detection and Investigation: The timely detection, investigation, tracking and management reporting of information security breaches Recovery: Tools and practices to develop and implement timely recovery from information security breaches, including loss of service availability and/or integrity.

4 May 22, 2002 Current Common Authentication Methodologies CyberSafe Kerberos Avoids Transmittal of Clear Text Password Supports Distributed Authentication User Authentication from a Web Browser Integrated into: –MyUCDavis Portal Authentication –Central Wireless Services –Web Content for Campus-Affiliated Users Hardware Tokens Two-factor Authentication One-time Passwords

5 May 22, 2002 Campus Plans to Reduce Reliance on Hardware Tokens Issue: How Do We Strengthen the Security of Authentication Systems Relying on Reusable Passwords? Insecure Applications Password Format Password Aging Dictionary Checks Upon Selection LDAP Queries Last Used Information Source IP Address Account Lockouts Login Banners Authorization vs. Authentication

6 May 22, 2002 Authentication Advanced Technology Project Identify Strategic Authentication Requirements Review Existing Authentication Services Review Authentication Alternatives Functionality and Usability Scalability Security Provide Strategic Recommendations that Meet Campus Common Authentication Needs and Consistent with NBA Vision for Single-Signon

7 May 22, 2002 Middleware and Authentication Authentication is A Key Infrastructure Service Shared by Applications and Users Requires Identity Assertion and Identity Credential Verification Requires Enterprise Directory for Identity Attributes PKI is Important for Middleware Security Services Digital Credentials and Digital Signatures Supports Non-Repudiation Elements Supports Federated Authentication Model

Download ppt "May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current."

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
3SKey 3SKey.

3SKey 3SKey.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Identity Management at the University of Florida Mike Conlon, Director of Data Infrastructure University of Florida, Gainesville, Florida Background Identity.

Identity Management at the University of Florida Mike Conlon, Director of Data Infrastructure University of Florida, Gainesville, Florida Background Identity.
A Public Web Services Security Framework Based on Current and Future Usage Scenarios J.Thelin, Chief Architect PJ.Murray, Product Manager Cape Clear Software.

A Public Web Services Security Framework Based on Current and Future Usage Scenarios J.Thelin, Chief Architect PJ.Murray, Product Manager Cape Clear Software.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Federated Identity and Single-Sign On Prof. Ravi Sandhu Executive Director and Endowed Chair February 15, 2013

1 Federated Identity and Single-Sign On Prof. Ravi Sandhu Executive Director and Endowed Chair February 15, 2013
Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.

Information Security Confidential Two-Factor Authentication Solution Overview Shawn Fulton January 15th, 2015.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Strong Authentication Project CD/DCD/Computer Security Team Fermi National Accelerator Laboratory Mark Kaletka Matt Crawford.

Strong Authentication Project CD/DCD/Computer Security Team Fermi National Accelerator Laboratory Mark Kaletka Matt Crawford.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.

Technical Issues with Establishing Levels of Assurance Zephyr McLaughlin Lead, Security Middleware Computing & Communications University of Washington.
Information Security Policies and Standards

Information Security Policies and Standards
CNI Fall 1998 Access Management Requirements and Approaches Joan Gargano California Digital Library

CNI Fall 1998 Access Management Requirements and Approaches Joan Gargano California Digital Library
Chapter 10: Analyzing Systems Using Data Dictionaries Instructor: Paul K Chen.

Chapter 10: Analyzing Systems Using Data Dictionaries Instructor: Paul K Chen.
ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.

ISA 3200 NETWORK SECURITY Chapter 10: Authenticating Users.
Enterprise Portal Authentication: who are you? Authorization: what are you permitted to do? Personalization: the web pages you see are dynamically created.

Enterprise Portal Authentication: who are you? Authorization: what are you permitted to do? Personalization: the web pages you see are dynamically created.

Similar presentations

Ads by Google