Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t CF SINDES Secure INformation DElivery System CERN IT/CF-ASI.

Slides:



Advertisements
Similar presentations
CCTracker Presented by Dinesh Sarode Leaf : Bill Tomlin IT/FIO URL
Advertisements

AUTHENTICATION AND KEY DISTRIBUTION
Experience Building and Supporting Secure Ad Hoc Collaborations Deb Agarwal Lawrence Berkeley National Laboratory Ad Hoc Collaboration - Internet2 Fall.
Chapter 1 – Introduction
Social Engineering Jero-Jewo. Case study Social engineering is the act of manipulating people into performing actions or divulging confidential information.
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Open source web analytics.
1 July 2005© 2005 University of Kent1 Seamless Integration of PERMIS and Shibboleth – Development of a Flexible PERMIS Authorisation Module for Shibboleth.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF CERN Business Continuity Overview Wayne Salter HEPiX April 2012.
CERN - IT Department CH-1211 Genève 23 Switzerland t SVN Pilot: CVS Replacement Manuel Guijarro Jonatan Hugo Hugosson Artur Wiecek David.
Operating Systems & Infrastructure Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS CERN Search Updates Eduardo Alvarez November.
CERN IT Department CH-1211 Genève 23 Switzerland t Integrating Lemon Monitoring and Alarming System with the new CERN Agile Infrastructure.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Ideas for 2011 Prepare must be done work items –Warranty –Software maintenance –Commitments.
Database  A database is an organized collection of data for one or more purposes, usually in digital form. The data are typically organized to model.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS CERN Single Sign-On Summer 2012 Updates Emmanuel.
Projects. High Performance Computing Projects Design and implement an HPC cluster with one master node and two compute nodes. (Hint: use Rocks HPC Cluster.
AI project components: Facter and Hiera
Windows 2000 Active Directory Service COSC 513 Yongquan Cai 03/10/2001.
CERN IT Department CH-1211 Geneva 23 Switzerland t CF Messaging System Ivan, Omar, Sergio 14 march 2012.
Operating Systems & Infrastructure Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS OIS Feedback on Module Responsibilities.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Make the most of Office 2010, Expression.
SMS 2003 Deployment and Managing Windows Security Rafal Otto Internet Services Group Department of Information Technology CERN 26 May 2016.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Working with Windows 7 at CERN Michał Budzowski.
Simplify and Strengthen Security with Oracle Application Server Allan L Haensgen Senior Principal Instructor Oracle Corporation Session id:
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Drupal Database Selection Tim Bell 6 th June.
NECTEC-GOC CA Self Audit 7 th APGrid PMA Face-to-Face meeting March 8 th, 2010 Large-Scale Simulation Research Laboratory Sornthep Vannarat Large-Scale.
CERN IT Department CH-1211 Geneva 23 Switzerland t Daniel Gomez Ruben Gaspar Ignacio Coterillo * Dawid Wojcik *CERN/CSIC funded by Spanish.
CERN IT Department CH-1211 Genève 23 Switzerland t Castor development status Alberto Pace LCG-LHCC Referees Meeting, May 5 th, 2008 DRAFT.
PKI Activities at Virginia September 2000 Jim Jokl
High Assurance / Enhanced Validation Name of Presenter: Kevin Brown Date: August 5th Confidential.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Password? CLASP Project FOCUS Meeting, 12 October 2000 Denise Heagerty, IT/IS.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Update on Windows 7 at CERN & Remote Desktop.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF CERN Computer Centre Upgrade Project Wayne Salter HEPiX November.
CERN - IT Department CH-1211 Genève 23 Switzerland t OIS Deployment of Exchange 2010 mail platform Pawel Grzywaczewski, CERN IT/OIS HEPIX.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF Automatic server registration and burn-in framework HEPIX’13 28.
CERN IT Department CH-1211 Geneva 23 Switzerland t CF Computing Facilities Agile Infrastructure Monitoring CERN IT/CF.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF SCRUM Do’s and Don’ts ITTF 31 May 2013 Miguel Santos CERN IT/CF.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS First look at the Mobile Framework Ivan Deloose,
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF Lemon for Quattor I.Fedorko CERN CF/IT 16 March 2011.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF CERN Computer Centre Consolidation Project Vincent Doré IT Technical.
CERN General Infrastructure Services Department CERN GS Department CH-1211 Geneva 23 Switzerland SMS CERN General Infrastructure.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF Agile Infrastructure Monitoring HEPiX Spring th April.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF CF Monitoring: Lemon, LAS, SLS I.Fedorko(IT/CF) IT-Monitoring.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Drupal at CERN Juraj Sucik Jarosław Polok.
CERN IT Department CH-1211 Genève 23 Switzerland t CERN IT Monitoring and Data Analytics Pedro Andrade (IT-GT) Openlab Workshop on Data Analytics.
Trusted Computing and NSTIC Andrew Tarbox Director Federal Business Wave Systems Corp November 14, 2012.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF Alarming with GNI VOC WG meeting 12 th September.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF Hardware failures Wayne Salter on behalf of Olof B ärring.
CERN IT Department CH-1211 Genève 23 Switzerland t Migration from ELFMs to Agile Infrastructure CERN, IT Department.
Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.
Lemon security. Previous security enhancements user lemon: lemon-db-admin-OraMon will create user lemon (Miro). - OraMon switches to user lemon at its.
CERN IT Department CH-1211 Genève 23 Switzerland t SL(C) 5 Migration at CERN CHEP 2009, Prague Ulrich SCHWICKERATH Ricardo SILVA CERN, IT-FIO-FS.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Tim Bell CERN IT/OIS 7 th September 2010 Service Management Meeting.
Site Authorization Service Local Resource Authorization Service (VOX Project) Vijay Sekhri Tanya Levshina Fermilab.
Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF CC Monitoring I.Fedorko on behalf of CF/ASI 18/02/2011 Overview.
CERN IT Department CH-1211 Genève 23 Switzerland t Single Sign On, Identity and Access management at CERN Alex Lossent Emmanuel Ormancey,
Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF Cluman: Advanced Cluster Management for Large-scale Infrastructures.
Platform & Engineering Services CERN IT Department CH-1211 Geneva 23 Switzerland t PES Agile Infrastructure Project Overview : Status and.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Web site lifecycles Problem is that web sites live forever –Out of date sites with.
CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Discussing possibility of deleting archives.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS The new Account Management Identity, Authentication,
CERN IT Department CH-1211 Genève 23 Switzerland t DPM status and plans David Smith CERN, IT-DM-SGT Pre-GDB, Grid Storage Services 11 November.
OPEN SOURCE SYSTEMS FOR
pVault Sharing Architecture
Managing your Personal Documents with OneDrive
CERN Certificates platform Emmanuel Ormancey / Anatoly Gladkov
The new EDAMIS and its security
Presentation transcript:

Computing Facilities CERN IT Department CH-1211 Geneva 23 Switzerland t CF SINDES Secure INformation DElivery System CERN IT/CF-ASI

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Outline What is SINDES Weak points How to improve

CERN IT Department CH-1211 Geneva 23 Switzerland t CF What is SINDES Main purpose: –CA - manage the certificates –Store & deliver confidential information

CERN IT Department CH-1211 Geneva 23 Switzerland t CF SINDES – Certificate Authority CA functionality: Create certificates Sign certificates Confirm identities Revoke certificates

CERN IT Department CH-1211 Geneva 23 Switzerland t CF SINDES – Storage & delivery Storage centre Upload secret files Store passwords Deliver files in a secure way

CERN IT Department CH-1211 Geneva 23 Switzerland t CF What is SINDES Main purpose: –CA - manage the certificates –Store & deliver confidential information Architecture based on OpenSSL x509 standard, Apache with mod_ssl and mod_rewrite Automated certification process – client has defined time window to ask for a certificate

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Outline What is SINDES Weak points How to improve

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Weak points of SINDES Usability –No delete file feature –Only two target types: cluster host today also subcluster type needed –No mechanism to move a machine between clusters –No view file feature; fetch file to client only –No file versioning

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Weak points of SINDES Security issues: –Only one SINDES system user anybody with the access may tamper any file stored with SIDNES no user information in log files –No privileges granularity

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Weak points of SINDES On the one hand: –System in production serving more than hosts at CERN –A number of crucial applications relying on SINDES CA functionality to authenticate (i.e. Lemon, CDB, CluMan) On the other hand: –Limited functionality –Room for improvement in security aspect

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Outline What is SINDES Weak points How to improve

CERN IT Department CH-1211 Geneva 23 Switzerland t CF How to improve SINDES Ways of improvement –Enhance the usability and security in the current version of the system –Find and adopt a new tool, keep the functionality Freeware tools: i.e. wallet by Russ Allbery –Write a completely new tool We have 1 year manpower starting from the 1 st October 2010

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Thank you We would be glad to receive any feedback from You!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.