Modifying Managed Objects Alan Frindell 3/29/2011.


The Modify Problem

- As defined in 1.0, there is no mechanism to change the value of a managed object – only its attributes
- Managed cryptographic objects (keys, certs) appear immutable by design
- It is not possible to change the contents of an Opaque object in KMIP 1.0
  - Client must destroy and re-Register
  - Results in UUID change
- If Entity is approved as a new managed object, the same problem will make it impossible to update Credentials

Solution A – re-use Modify Attribute

- Question: can all structures and fields defined outside of Section 3 be treated like attributes in all operations?
- Add Attribute and Delete Attribute also make sense
- What are the implications for Get Attributes / Get Attributes List / Locate?

Operation: Modify Attribute
UUID:
Attribute:
  Attribute Name: "Opaque Object"
  Attribute Value: Structure (as defined in 2.2.8)

Operation: Modify Attribute
UUID:
Attribute:
  Attribute Name: "Credential"
  Attribute Value: Structure (still TBD, but containing new password)

Note: Even though Credential can be repeated inside Entity, it does not have an Attribute Index

Solution B – new operation: Modify

- Replace entire managed object with new managed object, retaining UUID and attributes
- Dodges the “is everything an attribute” question
- Makes it challenging to add or delete a multi-valued structure field (e.g. a Credential within an Entity)

Operation: Modify
UUID:
Opaque Object: Structure (as defined in 2.2.8)

Operation: Modify
UUID:
Entity: Structure
  Credential: Structure (TBD, containing new password)
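
The difference between the KMIP 1.0 workaround from "The Modify Problem" and the Modify operation of Solution B, as an added sketch that is not part of the original slides and not code from any KMIP implementation. `ToyKeyServer`, its methods and all sample values are hypothetical; the model covers only UUID and attribute handling, not KMIP message encoding.

```python
import uuid

class ToyKeyServer:
    """In-memory stand-in for a key server; not the KMIP wire protocol."""

    def __init__(self):
        self.objects = {}  # UUID -> {"type", "value", "attributes"}

    def register(self, obj_type, value, attributes=None):
        uid = str(uuid.uuid4())  # every Register yields a fresh UUID
        self.objects[uid] = {"type": obj_type, "value": value,
                             "attributes": dict(attributes or {})}
        return uid

    def destroy(self, uid):
        del self.objects[uid]

    def modify(self, uid, new_value):
        """Solution B: replace the whole value, keep UUID and attributes."""
        self.objects[uid]["value"] = new_value

def update_kmip_1_0(server, uid, new_value):
    """KMIP 1.0 workaround: Destroy, then re-Register under a new UUID."""
    old = server.objects[uid]
    server.destroy(uid)
    # The client must re-send the attributes itself, or they are lost.
    return server.register(old["type"], new_value, old["attributes"])

def rotate_credential(server, uid, index, new_credential):
    """Solution B on an Entity: a Credential has no index of its own, so the
    client reads the full list, edits one entry and sends it all back."""
    creds = list(server.objects[uid]["value"])
    creds[index] = new_credential
    server.modify(uid, creds)

def demo():
    # All names and values below are constructed sample data.
    server = ToyKeyServer()
    blob = server.register("Opaque Object", b"v1", {"Name": "app-config"})
    new_blob = update_kmip_1_0(server, blob, b"v2")
    entity = server.register("Entity", ["pw-old", "cert-A"], {"Name": "client-7"})
    rotate_credential(server, entity, 0, "pw-new")
    return {
        "old_uuid_resolves": blob in server.objects,
        "uuid_changed": new_blob != blob,
        "entity_value": server.objects[entity]["value"],
        "entity_attributes": server.objects[entity]["attributes"],
    }
```

Anything that stored the original UUID of the Opaque object no longer resolves after the Destroy and re-Register path, while the Entity keeps its UUID and attributes through the credential change.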