1 DoD Public Key-Enabling (PK-E) of Applications 1st Annual PKI Research Workshop NIST 4/25/02.

Slides:

Advertisements

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

Advertisements

April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.

DRIVING DOD POLICY FOR COMMON CRITERIA TESTING OF IT PRODUCTS Wanda Nuckolls, Product Security Project Manager Canon U.S.A., Inc. Government Marketing.

The Federation for Identity and Cross-Credentialing Systems (FiXs) FiXs ® - Federated and Secure Identity Management in Operation Implementing.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

Electronic Filing Case Study NSW Land and Environment Court.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

PKI Implementation in the Real World

United States DoD Public Key Infrastructure: Deploying the PKI Token

October 3, Partnerships for VoIP Security VoIP Protection Profiles David Smith Co-Chair, DoD VoIP Information Assurance Working Group NSA Information.

Public Key Infrastructure Ben Sangster February 23, 2006.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

Federal Information Processing Standard (FIPS) 201, Personal Identity Verification for Federal Employees and Contractors Tim Polk May.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Chapter 11: Active Directory Certificate Services

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

COMP8130 and 4130Adrian Marshall 8130 and 4130 Test Management Adrian Marshall.

Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.

PROTECTION OF NATO INFORMATION AND NATO CIS Col

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure Ammar Hasayen ….

NASA Personal Identity Verification (PIV) NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop.

Virginia Tech Overview of Tech Secure Enterprise Technology Initiatives e-Provisioning Group Frank Galligan Fed/Ed.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Web Services Quality Model V2.0 Business Value Quality Group Business Value Quality Cost Suitability Effect Service Measurement Quality Group Service Level.

HEPKI-TAG UPDATE Jim Jokl University of Virginia

Certification and Accreditation CS Phase-1: Definition Atif Sultanuddin Raja Chawat Raja Chawat.

Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.

Introduction to Public Key Infrastructure January 2004 CSG Meeting Jim Jokl.

PKI Forum Business Panel March 6, 2000 Dr. Ray Wagner Sr. Director, Technology Research.

Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.

Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.

Supporting further and higher education The Akenti Authorisation System Alan Robiette, JISC Development Group.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Security in ebXML Messaging CPP/CPA Elements. Elements of Security P rivacy –Protect against information being disclosed or revealed to any entity not.

Security Engineering Assurance & Control Objectives Priyanka Vanjani ASU Id #

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

Manish Mehta, CS 590L Authentication Services in Open Grid Services by Manish Mehta April 27, 2004.

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

DoD Network Initiatives CEISC 13 Apr 2006 Mr. Walter Coley Ms. Kathy Cotton AFWA/SCM Distribution Authorized to U.S. Government Agencies and their Contractors.

1 Federal Identity Management Initiatives Federal Identity Management Initatives David Temoshok Director, Identity Policy and Management GSA Office of.

Fax: (703) DoD BIOMETRICS PROGRAM DoD Biometrics Management Office Phone: (703)

Module 2: Introducing Windows 2000 Security. Overview Introducing Security Features in Active Directory Authenticating User Accounts Securing Access to.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council

Security in ebXML Messaging

جايگاه گواهی ديجيتالی در ايران

Public Key Infrastructure from the Most Trusted Name in e-Security

Technical Approach Chris Louden Enspier

E-Lock ProSigner ProSigner means “Professional Signer” signifying the software that can apply legally enforceable Advanced electronic signatures to electronic.

NASA Personal Identity Verification (PIV) High Level System Overview Tice F. DeYoung, PhD 14th Fed/Ed Workshop December 14, 2006.

Install AD Certificate Services

National Trust Platform

Presentation transcript:

1 DoD Public Key-Enabling (PK-E) of Applications 1st Annual PKI Research Workshop NIST 4/25/02

2 Overview PK-E distinct from PKI Definition of “PK-E” Interoperability with DoD PKI “Security Goodness” Protection Profile, Technical Instruction, Proof of Concept (POC)

3 PK-E Distinct from PKI PK Infrastructure - CAs and RAs and LRAs, Revocation Information Repositories, Certificate Policies, Certification Practice Statements, etc, etc PK-Enabling - builds or modifies applications to use the security services supported by the PKI

4 Definition of PK-E An application is PK-Enabled if it –Can accept and process a DoD PKI X.509 digital certificate in order to use one or more of the security services supported by the DoD PKI (confidentiality, authenticity, integrity, non-repudiation) –Contains an interface to the Common Access Card (CAC) or other DoD approved hard token –Collects, stores and maintains any data required to support digital signature and data encryption –Maintains accurate time to a sufficient degree of precision

5 Interoperability with DoD PKI Determined by the Joint Interoperability Test Command (JITC) by means of “DoD PKI Interoperability Master Test Plan”.

6 “Security Goodness” Application could pass JITC functional test for “interoperability” with DoD PKI but still be deficient in “security” National Security Telecommunications and Information Systems Security Policy (NSTISSP), Number 11- requires U.S. Govn. IT systems to be evaluated and validated by Common Criteria after 1 July 2002

7 Protection Profile (PP) Public Key-Enabled Protection Profile – generic, system level PP, for PK-Enabled applications –In draft, soon to be presented for NIAP evaluation

8 PK-E Technical Instruction One-stop document (theory, policy, technical, procurement) for an application owner/manager (contract to be awarded in 5/02)

9 PK-E TI Proof of Concept Contractor who wrote TI uses it to PK-E an application selected by USMC (part of TI contract to be awarded in 5/02)

10 Further Study How much is all this going to cost? Role of PKI/PK-E in a tactical environment (some of the standard assumptions don’t apply) Can an application be “partially PK- Enabled”?

11 PK-Enabled ? SSLServer ID/PW User Web Server Database Tier 1 Tier 2Tier 3