David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit.

Slides:



Advertisements
Similar presentations
April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.
Advertisements

Internet Protocol Security (IP Sec)
PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Identity Management Realities in Higher Education NET Quarterly Meeting January 12, 2005.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Technology – Broad View1 Networks  For the most part, not a technology, but political/financial issue Available bandwidth continuously increasing (“√2-rule”
Principles of Information Security, 2nd edition1 Cryptography.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
CSCI 530L Public Key Infrastructure. Who are we talking to? Problem: We receive an . How do we know who it’s from? address Can be spoofed.
Cryptographic Technologies
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.
Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.
Signing and Encrypting With the Thawte Web of Trust CSU Professional Development Institute January 8, 2009 Steve Lovaas.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 12-1© 2007 Prentice-Hall, Inc ELC 200 Day 22.
Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
S/MIME and PKI Dartmouth College PKI Lab. What Is S/MIME? RFC 2633 (S/MIME Version 3)RFC 2633 Extensions to MIME Uses PKI certificates, keys, and.
E- Business Digital Signature Varna Free University Prof. Teodora Bakardjieva.
Computer Science Public Key Management Lecture 5.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Digital Signatures. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies are as good as original.
Cryptography 101 Frank Hecker
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
Information Security Introduction to Information Security Michael Whitman and Herbert Mattord 14-1.
Copyright ©1997 NetDox, Inc. All Rights Reserved. CONFIDENTIAL 1 DATE HERE Julie Grace - NetDox, Inc. Emerging Internet Commerce.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
1 Secure Commonwealth Panel Health and Medical Subpanel Debbie Condrey - Chief Information Officer Virginia Department of Health December 16, 2013 Virginia.
Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.
Security+ All-In-One Edition Chapter 14 – and Instant Messaging Brian E. Brzezicki.
Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Digital Signatures A Brief Overview by Tim Sigmon April, 2001.
Cryptography. Introduction Encryption  The art (or science) of putting messages into a code, and the study of those coding techniques. Decryption  The.
Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.
NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,
Security in ebXML Messaging CPP/CPA Elements. Elements of Security P rivacy –Protect against information being disclosed or revealed to any entity not.
1 Integrating digital signatures with relational database: Issues and organizational implications By Randal Reid, Gurpreet Dhillon. Journal of Database.
Identity Proofing, Signatures, & Encryption in Direct esMD Author of Record Workgroup John Hall Coordinator, Direct Project June 13, 2012.
DIGITAL SIGNATURE.
Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.
© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 ICT and E-Business Strategies For Development Geneva, October.
Security Using PGP - Prajakta Bahekar. Importance of Security is one of the most widely used network service on Computer Currently .
1 X.509-style PKI Revolves around the distribution and management of digital identity certificates Invented in 1978 to facilitate message encryption In.
Digital Signatures and Digital Certificates Monil Adhikari.
Electronic Security and PKI Richard Guida Chair, Federal PKI Steering Committee Chief Information Officers Council
The Trusted Network · · · LEFIS PKI · · · 2 nd June, 2006 · Sofia by Leonardo Catalinas · May 2006
Supports the development & implementation of a IPPC Global ePhyto Hub to: Utilize modern Cloud technology. Ensure there is a secure folder for each countries’
Electronic Banking & Security Electronic Banking & Security.
LESSON 12 Business Internet. Electronic business, or e-business, is the application of information and communication technologies (ICT) in support of.
Firewalls and Tunneling Firewalls –Acts as a barrier against unwanted network traffic –Blocks many communication channels –Can change the design space.
Key management issues in PGP
Public Key Infrastructure (PKI)
S/MIME T ANANDHAN.
Security in ebXML Messaging
Presentation transcript:

David L. Wasley Office of the President University of California Maybe it’s not PKI … Musings on the business case for PKI EDUCAUSEEDUCAUSE PKI Summit - August 2004 David L. Wasley University of California

2 Why do you want PKI? v Strong identity credentials? l Yes v Digital signatures? l Yes v Does everyone need those? l Not today … v Credentials that other organizations can trust? l Federated identity management is more flexible v So what’s the cost/benefit proposition?

3 Maybe it’s asymmetric cryptography v Asymmetric crypto (AC) has important, unique capabilities l Privacy of shared documents s Wherever they go l Integrity of documents s Any digital document, e.g. photographs … l Authenticity of documents s If you know who had access to the private key v The last bullet is what PKI is about

4 Where do you need Privacy? v Sharing confidential documents l E.g. workgroup environments v Exchanging sensitive l E.g. HIPAA requirements for PHI messaging v Sensitive document archiving l Who has access to the backup tapes, e.g.? v Your application here …

5 Where do you need Integrity? v Is the you forwarded to me really what the originator sent? v Is this version of the 150 page contract in MSWord unchanged from what I sent you? v Is this web site really what the authors put up? v Critical document archiving v Etc…

6 Where do you need Authenticity? v Is this a photograph taken at the crime scene? v Yes - Acme, Inc. agrees to this contract l Sez who? v Can I believe this ID credential? l Trusted roots, bridges, etc… v Is this the official archived version? v Anywhere you need to know who vouches for the content, and that the content is what s/he vouches for.

7 Where do you need strong credentials? v Business processes where there is risk that can be mitigated in this way v Where digital signatures are important l Who archived this document? v Where smartcards provide protection against credential sharing v Etc…

8 Where do you need PKI? v Where ever you need to know who owns a particular private key v Strong ID credentials are one example l Smartcards help protect the private key v The technology can be used more broadly if only it was there… l E.g. S/MIME (!) l I think this is why we should support today’s PKI

9 “PKI” may be different in the future v Today’s PKI is pretty rigid l Especially the vendor products l How about signed XML credentials with easily extensible content? l How about “personal PKI” for friends, groups, …? v Signing and encryption should be an integral part of the computing environment, available to any application in a consistent, standards based methodology.

10 Asymmetric Cryptography can … v help address vulnerabilities in information management v help ensure document integrity where it matters v help mitigate risk in e-business by adding some level of authenticity to transactions v be an important tool in our IT environments v …

11 So what does this all mean? v Yes, we need a PKI l For certain applications now l For lots of applications eventually v Start with the applications that need AC l Digital signatures l Document integrity l Strong ID credentials v The rest will follow because the infrastructure will be there

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.