Generic AAA Why generic AAA: scope and context.

Slides:

Advertisements

Similar presentations

Authentication Authorization Accounting and Auditing

Advertisements

OGSA Use Case Description Online Media & Entertainment v 0.1 mini 06-Feb-2002 Tan LuIBM Corporation Boas BetzlerIBM Corporation

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

Functional component terminology - thoughts C. Tilton.

Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.

A Heterogeneous Network Access Service based on PERMIS and SAML Gabriel López Millán University of Murcia EuroPKI Workshop 2005.

Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

1st MODINIS workshop Identity management in eGovernment Frank Robben General manager Crossroads Bank for Social Security Strategic advisor Federal Public.

Functional Model Workstream 1: Functional Element Development.

Secure Electronic Transaction (SET)

General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.

PIV 1 Ketan Mehta May 5, 2005.

© Synergetics Portfolio Security Aspecten.

ITU-T X.1254 | ISO/IEC An Overview of the Entity Authentication Assurance Framework.

Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.

Network Security. Need for security  Connecting to the Internet is quickly becoming a necessity for companies/ individuals  Understand the security.

SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.

ELECTROINC COMMERCE TOOLS Chapter 6. Outline 6.0 Introduction 6.1 PUBLIC KEY INFRASTRUCTURE (PKI) AND CERTIFICATE AUTHORITIES (CAs) TRUST

By Umair Ali. Dec 2004Version 1 -PKI - a security architecture – over the internet. -Provides an increased level of confidence for exchanging information.

DIGITAL SIGNATURE.

The concepts of Generic AAA are described in RFC2903 [1] (Generice AAA Architecture) and RFC2904 [2] (Authorization Framework). Several.

1 sip-aaa-req.PPT/ 16 Jul 2002 / John Loughney SIP-AAA Requirements John Loughney Gonzalo Camarillo IETF 54.

Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.

E-Authentication & Authorization Presentation to the EA2 Task Force March 6, 2007.

CIA AAA. C I A Confidentiality I A Confidentiality Integrity A.

Copyright 2004 MayneStay Consulting Group Ltd. - All Rights Reserved Jan-041 Security using Encryption Security Features Message Origin Authentication.

AuthZ WG Conceptual Grid Authorization Framework document Presentation of Chapter 2 GGF8 Seattle June 25th 2003 Document AID 222 draft-ggf-authz-framework pdf.

ISO 9001:2015 Subject: Quality Management System Clause 8 - Operation

Operating Framework of Connection Networks OGF/NSI Working Group Chicago Oct. 10, 2012 John Vollbrecht & Leon Gommans University of Amsterdam.

Exploring opportunities in the OGSA service model– realising Utility Computing Jeffrin J. Von Reich Chief architect Hewlett Packard Software Global Unit.

© 2007 Open Grid Forum Authentication Service Profile Christos Kanellopoulos 14 th EUGridPMA, Lisbon, PT October 7 th, 2008.

Presented by Edith Ngai MPhil Term 3 Presentation

Trust Profiling for Adaptive Trust Negotiation

Training for developers of X-Road interfaces

Firewall Issues Research Group GGF-15 Oct Boston, Ma Leon Gommans - University of Amsterdam Inder Monga - Nortel Networks.

Integrated Management System and Certification

IETF 78 Ken Rehor on behalf of the team

Module 8: Securing Network Traffic by Using IPSec and Certificates

Inter operability of e-GP System

EMV® 3-D Secure - High Level Overview

Public Key Infrastructure (PKI)

University of Technology

Cyber Issues Facing Medical Practice Managers

Proposal for a Regulation on medical devices and Proposal for a Regulation on in vitro diagnostic medical devices Key Provisions and GIRP Assessment.

Draft ETSI TS Annex C Presented by Michał Tabor for PSD2 Workshop

Pooja programmer,cse department

Maryna Komarova (ENST)

Secure Electronic Transaction (SET) University of Windsor

Kerberos Kerberos is an authentication protocol for trusted hosts on untrusted networks.

E-Commerce for Developing Countries (EC-DC)

Chapter 27 Security Engineering

راهنمای مدیریت شکایات در بیمارستان ها

Chapter 4 Cryptography / Encryption

بسم الله الرحمن الرحیم فرآیند رسیدگی به شکایات

SharePoint Online Authentication Patterns

Module 8: Securing Network Traffic by Using IPSec and Certificates

AAA: A Survey and a Policy- Based Architecture and Framework

Appropriate Access InCommon Identity Assurance Profiles

NIST Cloud Computing Reference Architecture

Leon Gommans Enterasys Networks Betty de Bruijn Interpay Nederland

PKI (Public Key Infrastructure)

Chapter 5 SNMP Management

Chapter 5 SNMP Management

Una herramienta para la gestión de identidad, el control de acceso y uso compatible con la regulación de identidad europea eIDAS.

A Model For Network Security

National Trust Platform

Presentation transcript:

Generic AAA Why generic AAA: scope and context. What functions are needed and which of them important to Generic AAA How can we do it: Architecture. Actions Betty de Bruijn, Leon Gommans AAA ARCH interim IRFT meeting Dublin 26-27 / 6 / 2000

CONTEXT User Provider Service B. de Bruijn / L.Gommans 27/6/2000

CONTEXT User Provider Service B. de Bruijn / L.Gommans 27/6/2000

AAA CONTEXT User Provider Service Provider Topology User Organization Trust B. de Bruijn / L.Gommans 27/6/2000

Generic AAA Scope Allow: trusted access to trusted selection of a composition of services, offered by a number of autonomous providers. The service is perceived as a homogeneous service to a user or a member of a user organization. B. de Bruijn / L.Gommans 27/6/2000

Scope: Services Content / Application Service Transport Service. Electronic or Physical. Transport Service. Choice in quality of delivery (QoS, Security) Derived Services Monitoring & Verification Accounting Services Billing and Payment Service B. de Bruijn / L.Gommans 27/6/2000

Scope: Trust Authentication: Proof of Identity within user and provider community. Authorization: Proof of some Right. Confidentiality of requests and decisions Integrity of requests and decisions Traceability of requests and decisions Trust of components (hardware/software) involved in handling requests and decisions Trust in organizations involved in handling requests and decisions. B. de Bruijn / L.Gommans 27/6/2000

What: Functions important for Generic AAA. Authentication: Registration of identity Store identity Issue proof of identity Verify proof of identity <- Authorization: Registration of right Storage of right Issue proof of right Verify proof of right. <- Etc. B. de Bruijn / L.Gommans 27/6/2000

How Authentication: Authorization, confidentiality, etc …. Use generic AAA infrastructure to transport authentication requests and proofs of identity to appropriate parties involved. Transport authentication result to requesting party Investigate classes of authentication methods that are to be supported. Identify best methods/practices suitable for certain situations depending on volume, required strength, topology etc. Describe architecture of example applications. Authorization, confidentiality, etc …. B. de Bruijn / L.Gommans 27/6/2000

Actions: what next Identify functions to be supported by generic AAA. Identify functions to be performed by generic AAA. Place functions in a examples …. B. de Bruijn / L.Gommans 27/6/2000