Presentation is loading. Please wait.

Presentation is loading. Please wait.

Local switch NIC1 128.198.162.50 FC4 NIC2 10.0.0.1 Main switch Win-XP 10.0.0.12 IIS 10.0.0.11 Domain-controller 10.0.0.10 128.198.162.51 128.198.162.52.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Local switch NIC1 128.198.162.50 FC4 NIC2 10.0.0.1 Main switch Win-XP 10.0.0.12 IIS 10.0.0.11 Domain-controller 10.0.0.10 128.198.162.51 128.198.162.52."— Presentation transcript:

1 Local switch NIC1 128.198.162.50 FC4 NIC2 10.0.0.1 Main switch Win-XP 10.0.0.12 IIS 10.0.0.11 Domain-controller 10.0.0.10 128.198.162.51 128.198.162.52 128.198.162.53 Internet SIS Network Topology And IP assignments

2 The Testbed A 4-machine testbed has been built. It contains the following: –Windows server 2003 with AD (The Domain Controller). –Windows server 2003 with IIS 6.0 (The web server). –Windows XP (a client). –Fedora Core 4 with IPtables-based firewall (A Gateway).

3 The SIS Admin Tool An admin tool is being developed to provide an easy-to-use GUI for setting up the SIS environment. C# (C# Express 2005 IDE) has been used. The main three components that we have so far are: –Public Key Infrastructure (PKI) setup. –Privilege Management Infrastructure (PMI) setup. –Certificates Management.

4 PKI PMI Features: –Creating new Certificate Authorities(CAs). –Loading an existing CAs. –Issuing a single digital cert (DC) and storing it in the AD, based on a GUI form. –Issuing a bunch of DCs and storing them in the AD, based on a simple text file. Features: –Creating new Attribute Authorities (AAs). –Loading an existing AA. –Issuing a single attribute cert (AC) and storing it in the AD, based on a GUI form. –Issuing a bunch of ACs and storing them in the AD, based on a simple text file.

5

6 Certificates Management Check & validate a digital certificate. Revoke a digital certificate. Check & validate an attribute certificate. Revoke an attribute certificate.

7

8 Packages & techniques OpenSSL [http://www.stunnel.org/download/binaries.html]: A wrapper compiled in binaries (exe file) has been used to implement the PKI part.http://www.stunnel.org/download/binaries.html JCE-IAIK [http://jce.iaik.tugraz.at/]: A set of java APIs and implementations of cryptographic functionality that has been used to implement the PMI part.http://jce.iaik.tugraz.at/ IKVM.NET [http://www.ikvm.net]: an implementation of Java for the Microsoft.NET Framework that has been used to allow us using the IAIK java-based package in the.NET.http://www.ikvm.net CryptLib [http://www.cs.auckland.ac.nz/~pgut001/cryptlib/] or [http://www.cryptlib.com]: a security toolkit that allows adding encryption and authentication services.http://www.cs.auckland.ac.nz/~pgut001/cryptlib/http://www.cryptlib.com * (We faced problems with it [files format & AC errors], therefore, we replaced it with the OpenSSL solution).

Download ppt "Local switch NIC1 128.198.162.50 FC4 NIC2 10.0.0.1 Main switch Win-XP 10.0.0.12 IIS 10.0.0.11 Domain-controller 10.0.0.10 128.198.162.51 128.198.162.52."

Similar presentations

Planning and Administering Windows Server® 2008 Servers

Planning and Administering Windows Server® 2008 Servers
International Telecommunication Union Workshop on Standardization in E-health Geneva, 23-25 May 2003 The Use of X.509 in E-Healthcare Professor David W.

International Telecommunication Union Workshop on Standardization in E-health Geneva, May 2003 The Use of X.509 in E-Healthcare Professor David W.
Citrix Secure Gateway v1.1 Technical Presentation August 2002 Technical Presentation August 2002.

Citrix Secure Gateway v1.1 Technical Presentation August 2002 Technical Presentation August 2002.
Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
1.1 © 2004 Pearson Education, Inc. Exam 70-290 Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.

1.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 1: Introducing Windows Server.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.

Microsoft Windows Server 2008 Software Deployment Chris Rutherford EKU Technology: CEN/CET.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
Make Secure Information Sharing (SIS) Easy and an Reality C. Edward Chow, PI Osama Khaleel Bill Kretschmer C. Edward Chow, PI Osama Khaleel Bill Kretschmer.

Make Secure Information Sharing (SIS) Easy and an Reality C. Edward Chow, PI Osama Khaleel Bill Kretschmer C. Edward Chow, PI Osama Khaleel Bill Kretschmer.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Wednesday, June 03, 2015 © 2001 TrueTrust Ltd1 PERMIS PMI David Chadwick.

Wednesday, June 03, 2015 © 2001 TrueTrust Ltd1 PERMIS PMI David Chadwick.
The EC PERMIS Project David Chadwick

The EC PERMIS Project David Chadwick
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
SIS: Secure Information Sharing for Windows Systems Osama Khaleel CS526 Semester Project.

SIS: Secure Information Sharing for Windows Systems Osama Khaleel CS526 Semester Project.
Implementing Native Mode and Internet Based Client Management.

Implementing Native Mode and Internet Based Client Management.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Similar presentations

Ads by Google