Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 DoD Public Key-Enabling (PK-E) of Applications 1st Annual PKI Research Workshop NIST 4/25/02.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 DoD Public Key-Enabling (PK-E) of Applications 1st Annual PKI Research Workshop NIST 4/25/02."— Presentation transcript:

1 1 DoD Public Key-Enabling (PK-E) of Applications 1st Annual PKI Research Workshop NIST 4/25/02

2 2 Overview PK-E distinct from PKI Definition of “PK-E” Interoperability with DoD PKI “Security Goodness” Protection Profile, Technical Instruction, Proof of Concept (POC)

3 3 PK-E Distinct from PKI PK Infrastructure - CAs and RAs and LRAs, Revocation Information Repositories, Certificate Policies, Certification Practice Statements, etc, etc PK-Enabling - builds or modifies applications to use the security services supported by the PKI

4 4 Definition of PK-E An application is PK-Enabled if it –Can accept and process a DoD PKI X.509 digital certificate in order to use one or more of the security services supported by the DoD PKI (confidentiality, authenticity, integrity, non-repudiation) –Contains an interface to the Common Access Card (CAC) or other DoD approved hard token –Collects, stores and maintains any data required to support digital signature and data encryption –Maintains accurate time to a sufficient degree of precision

5 5 Interoperability with DoD PKI Determined by the Joint Interoperability Test Command (JITC) by means of “DoD PKI Interoperability Master Test Plan”.

6 6 “Security Goodness” Application could pass JITC functional test for “interoperability” with DoD PKI but still be deficient in “security” National Security Telecommunications and Information Systems Security Policy (NSTISSP), Number 11- requires U.S. Govn. IT systems to be evaluated and validated by Common Criteria after 1 July 2002

7 7 Protection Profile (PP) Public Key-Enabled Protection Profile – generic, system level PP, for PK-Enabled applications –In draft, soon to be presented for NIAP evaluation

8 8 PK-E Technical Instruction One-stop document (theory, policy, technical, procurement) for an application owner/manager (contract to be awarded in 5/02)

9 9 PK-E TI Proof of Concept Contractor who wrote TI uses it to PK-E an application selected by USMC (part of TI contract to be awarded in 5/02)

10 10 Further Study How much is all this going to cost? Role of PKI/PK-E in a tactical environment (some of the standard assumptions don’t apply) Can an application be “partially PK- Enabled”?

11 11 PK-Enabled ? SSLServer ID/PW User Web Server Database Tier 1 Tier 2Tier 3

Download ppt "1 DoD Public Key-Enabling (PK-E) of Applications 1st Annual PKI Research Workshop NIST 4/25/02."

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.

April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.
DRIVING DOD POLICY FOR COMMON CRITERIA TESTING OF IT PRODUCTS Wanda Nuckolls, Product Security Project Manager Canon U.S.A., Inc. Government Marketing.

DRIVING DOD POLICY FOR COMMON CRITERIA TESTING OF IT PRODUCTS Wanda Nuckolls, Product Security Project Manager Canon U.S.A., Inc. Government Marketing.
The Federation for Identity and Cross-Credentialing Systems (FiXs) www.FiXs.org FiXs ® - Federated and Secure Identity Management in Operation Implementing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.
PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.
Electronic Filing Case Study NSW Land and Environment Court.

Electronic Filing Case Study NSW Land and Environment Court.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
PKI Implementation in the Real World

PKI Implementation in the Real World
United States DoD Public Key Infrastructure: Deploying the PKI Token

United States DoD Public Key Infrastructure: Deploying the PKI Token
October 3, 20031 Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.

October 3, Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.
Public Key Infrastructure Ben Sangster February 23, 2006.

Public Key Infrastructure Ben Sangster February 23, 2006.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

Similar presentations

Ads by Google