UNCLASS DoD Public Key Infrastructure LCDR Tom Winnenberg DISA API1 Chief Engineer 25 April 2002.

Slides:

Advertisements

Similar presentations

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

Advertisements

 1997 Entrust Technologies Orchestrating Enterprise Security Entrust Public Key Infrastructure Erik Schetina Chief Technology Officer IFsec, LLC

Electronic Filing Case Study NSW Land and Environment Court.

1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

United States DoD Public Key Infrastructure: Deploying the PKI Token

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Public Key Infrastructure Ben Sangster February 23, 2006.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

PKI Administration Using EJBCA and OpenCA

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Figure 1: SDR / MExE Download Framework SDR Framework Network Server Gateway MExE Download + Verification Using MExE Repository (Java sandbox) MExE Applet.

An In-Depth Examination of PKI Strengths, Weaknesses and Recommendations.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Chapter 11: Active Directory Certificate Services

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Configuring Active Directory Certificate Services Lesson 13.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure Ammar Hasayen ….

Online AAI José A. Montenegro GISUM Group Security Information Section University of Malaga Malaga (Spain) Web:

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

1 PKI Update September 2002 CSG Meeting Jim Jokl

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

©Copyrights 2011 Eom, Hyeonsang All Rights Reserved Distributed Information Processing 20 th Lecture Eom, Hyeonsang ( 엄현상 ) Department of Computer Science.

Active Directory ® Certificate Services Infrastructure Planning and Design Published: June 2010 Updated: November 2011.

Deploying PKI Inside Microsoft The experience of Microsoft in deploying its own corporate PKI Published: December 2003.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

PKI interoperability and policy in the wireless world.

Assuring e-Trust always 1 Status of the Validation and Authentication service for TACAR and Grids.

Johnson & Johnson’s Public Key Infrastructure Bob Stahl

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.

Gregorio Martínez Pérez University of Murcia PROVIDING SECURITY TO UNIVERSITY ENVIRONMENT COMMUNICATIONS.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.

Configuring Directory Certificate Services Lesson 13.

Digital Signatures A Brief Overview by Tim Sigmon April, 2001.

Module 9: Fundamentals of Securing Network Communication.

Introduction to Public Key Infrastructure January 2004 CSG Meeting Jim Jokl.

Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.

Compliance Defects in Public- key Cryptography “ A public-key security system trusts its users to validate each others’s public keys rigorously and to.

Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.

Module 9: Designing Public Key Infrastructure in Windows Server 2008.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

The Distribution Online Vending Pilot Project Demo Testing Certificate Management Kennedy P Subramoney 23 July 2004.

Online Certificate Status Protocol ‘OCSP’ Dave Hirose July Outline: What is OCSP? Digital Signatures Certificate Revocation List Technical aspects.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Module 2: Introducing Windows 2000 Security. Overview Introducing Security Features in Active Directory Authenticating User Accounts Securing Access to.

Creating and Managing Digital Certificates Chapter Eleven.

Module 13: Enterprise PKI Active Directory Certificate Services (AD CS)

Some Technical Issues in PKI Deployment David Chadwick

Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council

WLCG Authentication & Authorisation LHCOPN/LHCONE Rome, 29 April 2014 David Kelsey STFC/RAL.

Presented by: Defense Manpower Data Center Access Card Office

کاربرد گواهی الکترونیکی در سیستمهای کاربردی (امضای دیجیتال)

CompTIA Security+ Study Guide (SY0-501)

Public Key Infrastructure from the Most Trusted Name in e-Security

RSA Digital Certificate Solutions RSA Solutions for PKI David Mateju RSA Sales Consultant

Presentation transcript:

UNCLASS DoD Public Key Infrastructure LCDR Tom Winnenberg DISA API1 Chief Engineer 25 April 2002

UNCLASS Outline Objectives Progression of technical capabilities Current enterprise Future vision

UNCLASS Functional Objectives and Description COTS-based architecture Support of multiple applications and vendors through open systems, standards-based approach FIPS-compliant crypto modules Services include digital signature/ non-repudiation, authentication, key escrow and recovery of confidentiality (decryption) keys

UNCLASS Milestones August 1998: Medium Assurance Pilot introduced with two certificates (signing, ) July 2000: Release 2 delivers CA signing in h/w, functional separation of certs, and key escrow and recovery of decryption keys October 2001: Release 3 delivers operational issuance to the DoD Common Access Card (CAC)

UNCLASS Directory Service Users Registration Authorities Certification Authorities Root Local Registration Authorities DECC Dets Chambersburg and Denver Current DoD CLASS 3 PKI NSA Finksburg

Person Authentication& Data Update Establish User Generate Keys Obtain Certificates Load Keys DEERS Data Base Inquiry Demographic and Personnel information ID Card, Picture and Fingerprint Release 3 Integrated Process 2 1 Certificate Authority Directory Services Certificate Requests and decryption keys for escrow 3 User’s Smart Card (CAC) Private Key generation on the card. 4 6 CERT V.O. 5 CERT

UNCLASS Future Vision DoD Mobile Code signing implementation Support for Microsoft Win2K Smart Card logon Browser-based key recovery and card “maintenance” Revocation information improvements Testing and deployment of On-line Certificate Status Protocol (OCSP) service Testing http reference in CRL Distr. Point Testing Delta CRL implementation Focus on enabling applications to use PKI