January 6, 1999Common Solutions Group1 X.509 University Michael R. Gettes Princeton University Computing & Information Technology.

Slides:

Advertisements

Similar presentations

Easy-to-access Forkie has developed a suite of web-based applications specifically for sports administrators, committee members and team managers – called.

Advertisements

DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Password?. Project CLASP: Common Login and Access rights across Services Plan

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Georgetown University or Whaassuuuup PKI? Michael R. Gettes Lead Application Systems Integrator “LASI”

Password?. Project CLASP: Common Login and Access rights across Services Plan

CNI Fall 1998 Access Management Requirements and Approaches Joan Gargano California Digital Library

Oracle Beehive Vivek Pavle Orabyte LLC Orabyte.

Public Key Infrastructure at the University of Pittsburgh Robert F. Pack, Vice Provost Academic Planning and Resources Management March 27, 2000 CNI Spring.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

The Sherlock Project Purdue University, Department of Computer Sciences Sponsored by Tellabs, Inc. Doug Clark - Group Leader Tobey Pasheilich Raj Talwar.

Web Services Security Multimedia Information Engineering Lab. Yoon-Sik Yoo.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

X.509 at the University of Michigan CIC-RPG Meeting June 7, 1999 Kevin Coffman Bill Doster

Use of Kerberos-Issued Certificates at Fermilab Kerberos  PKI Translation Matt Crawford & Dane Skow Fermilab.

User studies. Why user studies? How do we know security and privacy solutions are really usable? Have to observe users! –you may be surprised by what.

Client Solution Secure collaboration with partners on customer initiatives and transactions Internal users push content to site without multiple authentication.

Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.

Security Jonathan Calazan December 12, 2005.

Solution Briefing Unified Communications, Collaboration, and Cloud.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

A centralized system.  Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory.

May 10, 2001An Overview of the Princeton University Web - Calendars 1 Calendars on the Princeton Web  Two “flavors” of calendars: –Personal / Group &

Web Application Authentication with PKI & Other Functions Bill Weems & Mark B. Jones Academic Technology University of Texas Health Science Center at Houston.

VDA Security Services Freeware Libraries Update IETF S/MIME WG 29 March 2000 John Pawling J.G. Van Dyke & Associates (VDA), Inc;

Digital Certificates. What is a Digital Certificate? A digital certificate is the equivalent of your business card in the e-commerce world. It says who.

Module 4 Managing Client Access. Module Overview Configuring the Client Access Server Role Configuring Client Access Services for Outlook Clients Configuring.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Natick Public Schools Technology Presentation February 6, 2006 Dennis Roche, CISA Director of Technology.

KX509: Leveraging Kerberos to Obtain Digital Certificates for Web Client Authentication University of Michigan Kevin Coffman Bill Doster.

Security Keys, Signatures, Encryption. Slides by Jyrki Nummenmaa ‘

CREN Certificate Authority Project: Update from Georgia Tech Ron Hutchins 28 March 2000.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

9/16/1998CSG - Chicago E- 1 Collaboration Services Group (CSG) Systems And Networking Computing & Information.

© 2009 PGP Corporation Confidential State of Key Management Brian Tokuyoshi Solution Manager.

Gregorio Martínez Pérez University of Murcia PROVIDING SECURITY TO UNIVERSITY ENVIRONMENT COMMUNICATIONS.

Configuring Directory Certificate Services Lesson 13.

Password? CLASP Project FOCUS Meeting, 12 October 2000 Denise Heagerty, IT/IS.

Single Sign-On in the Danish Educational Sector Per Thorboll Deputy director UNI-C.

By Jared.  Under the terms of the alliance, epals this fall will add Microsoft’s

Chandler and Higher Education Spring CSG Meeting Princeton.

Web Services Security Patterns Alex Mackman CM Group Ltd

Module 1: Overview of Microsoft Office SharePoint Server 2007.

Digital Signatures and Digital Certificates Monil Adhikari.

May 12, 1999Common Solutions Group, DS Workshop1 Directory Design & Operations at Princeton University Michael R. Gettes Collaboration Services Group (CSG)

Jump to first page Internet Security in Perspective Yong Cao December 2000.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter One Introduction to Exchange Server 2003.

Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.

Encryption and Security Tools for IA Management Nick Hornick COSC 481 Spring 2007.

Integrating the Healthcare Enterprise The Integration Profiles: Basic Security Profile.

- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.

Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden

Message Digest Cryptographic checksum One-way function Relevance

Dartmouth College Status Report

Modular Object Scanning Technology (MOST)

Chandler and Higher Education

Unit 8 Network Security.

Operational Issues in Directories (selected)

Presentation transcript:

January 6, 1999Common Solutions Group1 X.509 University Michael R. Gettes Princeton University Computing & Information Technology Collaboration Svcs Group (CSG), Mgr

January 6, 1999Common Solutions Group2 Collaboration Svcs Group (CSG) and Mailing Lists Directory Services (LDAP, CSO, NIS) NetNews Security Infra (Kerberos, Certificates) Document Management (print/fax, imaging) Calendaring Development and SysAdmin functions

January 6, 1999Common Solutions Group3 X.509 Princeton University Summer 1997 –Local Considerations –Entrust v. Others –Netscape Certificate Server –Secure using Certificates –Servers and Users Decision on University Policy Future?

January 6, 1999Common Solutions Group4 Summer 1997 What MIT had done as seen at Spring CSG! How to do it for Princeton? Investigation of current offerings –Entrust vs. Verisign vs. RollYourOwn Inc. Entrust and others –Cost is prohibitive ($700,000) Netscape Certificate Server

January 6, 1999Common Solutions Group5 Netscape Certificate Server Informix Database Management Easy Administrative Interface VGI for automatic verification –Kerberos authentication (SSL protected) IE poorly supported until recently LDAP Integration but No Key Escrow FREE!!!(at the time)

January 6, 1999Common Solutions Group6 Secure User Impact With Netscape and IE/Outlook –Sophisticated Users could endure –Size of messages –Impact on University business SSL for Servers –That’s the easy part

January 6, 1999Common Solutions Group7 University Policy February, 1998 –Cabinet issues policy regarding key escrow –University business must be able to recover critical communications and transactions –CIT cannot support secure until key escrow is available –Recommendation to departments as well

January 6, 1999Common Solutions Group8 Future? Netscape Certificate Server –Will support Key Escrow –How much will it cost? (< $1/certificate) –Will users be able to use it? –To PGP or not to PGP Cost is the driving force –Entrust is makes deal for 11 million certs for about $1.1 million (with Canadian gov’t)???