The Unique Challenges of Rolling Out a PKI in the U.W. Academic Environment
Nicholas A. Davis


Overview
– Eric Norman spoke about how the U.W. has protected its top level Root CA.
– Nick will speak about the challenges associated with bringing production quality PKI functionality to the U.W. academic environment.

Agenda
– Nick’s background with PKI and associated Public Key technologies
– The U.W. end user environment
– The Requirements gathering process
– The specific PKI issues we are facing at the U.W.
– Our goals
– Q&A

Nick’s Background with PKI
– Spent the last 3 years as the PKI Administrator, E-Business Server (McAfee PGP) Administrator, and Remote User Authentication Administrator at American Family Insurance
– Very familiar with Entrust
– Managed the PKI needs of 6000 corporate users
– Joined U.W. Division of Information Technology in April 2004 as PKI Program Manager

The U.W. End User Environment
– OS Environment at the U.W. is the opposite of my corporate experience.
– To use the term “varied” is an understatement.
– Windows 95, 98, ME, 2000, XP and of course, a smattering of Windows 3.1, Macintosh of all flavors, Linux, OS/2, FreeBSD, and others
– Administration is highly decentralized.
– User skill level is highly varied.
– User degree of devotion to their OS and associated applications fills the entire spectrum from passive to fanatical.

The Requirements Gathering Process
– Why bother with requirements gathering?
  – “The customer knows best”
  – Helps to educate our potential user community
  – Gives them a sense of having true involvement with the end product
  – Gives us clear, stated milestones to assist us in rolling out our PKI
  – Last but not least, helps to settle internal PKI team debate

The Requirements Gathering Process (Continued)
– Our requirements gathering process consists of:
  – Education
  – “Advertising” the virtues of PKI to the user community
  – Soliciting input from our “customers” in the form of both closed and open ended questions
  – Formulating a results “summary” and “next steps” document for management consideration

The Specific PKI Issues We Are Facing at the U.W.
– “To sign or not to sign?” – that is the first question
– Will we focus on server certificates, user certificates, or both?
– What will the certificates be used for? Authentication, Signing, Encryption, VPN, securing websites?
– Who do the end user certificates belong to?
– Will we perform Private Key Escrow?
– How will the system be administered and how will end user needs be managed?
– What Operating Systems and Applications will we support?

Our Goals
– Most importantly, a PKI which is endorsed by users on campus, widely used and meets end user needs.
– In order to meet these goals, the PKI MUST be:
  – Secure, at least to industry standards
  – Manageable
  – Compatible with the needs and desires of end users
  – Flexible
  – At a tolerable dollar cost for the U.W.

All questions and suggestions are welcome!
Thank You!
Nicholas A. Davis