SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

Slides:

Advertisements

Similar presentations

April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.

Advertisements

Public Key Infrastructure and Applications

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

M.Sc. Hrvoje Brzica Boris Herceg, MBA Financial Agency – FINA Ph.D. Hrvoje Stancic, assoc. prof. Faculty of Humanities and Social Sciences Long-term Preservation.

Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.

IST Priority - No Venue:Bolzano eMayor Clustering Event Author(s):A. Kaliontzoglou, I. Stamatiou, P. Hengeveld Organisations: Expertnet S.A., Deloitte.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

European Signatures versus Global SignaturesRome, 7 April, 2003 EESSI open specifications and interoperability The state of the art in Italy Giovanni Manca.

Principles of Information Security, 2nd edition1 Cryptography.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

1 TELECOM ITALIA GROUP Trial at the University of Rome: SIM-based Services Trial at the University of Rome: SIM-based Services Author: Alessandro Rabbini.

Chapter 10: Electronic Commerce Security. Electronic Commerce, Seventh Annual Edition2 Impact of Security on E-Commerce In 2006 an estimated $913 million.

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.

Web services security I

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure Ammar Hasayen ….

Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Leveraging UICC with Open Mobile API for Secure Applications and Services Ran Zhou.

EGov Interop'05 - Feb 23-24, Geneva (Switzerland) OBSERVATORY ON INTEROPERABLE eGOVERNMENT SERVICES eGov-Interop'05 Annual Conference February.

Deploying PKI Inside Microsoft The experience of Microsoft in deploying its own corporate PKI Published: December 2003.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

PKI interoperability and policy in the wireless world.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

WS-Security: SOAP Message Security Web-enhanced Information Management (WHIM) Justin R. Wang Professor Kaiser.

Configuring Directory Certificate Services Lesson 13.

Module 9: Fundamentals of Securing Network Communication.

Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.

Building Security into Your System Bill Major Gregory Ponto.

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

One Platform, One Solution: eToken TMS 5.1 Customer Presentation November 2009.

Shibboleth Akylbek Zhumabayev September Agenda Introduction Related Standards: SAML, WS-Trust, WS-Federation Overview: Shibboleth, GSI, GridShib.

The Distribution Online Vending Pilot Project Demo Testing Certificate Management Kennedy P Subramoney 23 July 2004.

WS-Trust “From each,according to his ability;to each, according to his need. “ Karl marx Ahmet Emre Naza Selçuk Durna

Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.

EGEE-II INFSO-RI Enabling Grids for E-sciencE EGEE and gLite are registered trademarks Security Token Service Valéry Tschopp - SWITCH.

CaGrid 2.0 Security Prototype 1. Goals Prototype some proposed security solutions – Ensure interoperability across programming models – Ensure interoperability.

Security Token Service (STS) Design & Development Plans Henri Mikkonen / HIP 3 rd EMI All-Hands Meeting , Padova, Italy.

1 Thuy, Le Huu | Pentalog VN Web Services Security.

Web Services Security Patterns Alex Mackman CM Group Ltd

Task Force CoRD Meeting / XML Security for Statistical Data Exchange Gregory Farmakis Agilis SA.

EMI is partially funded by the European Commission under Grant Agreement RI Federated Grid Access Using EMI STS Henri Mikkonen Helsinki Institute.

EMI is partially funded by the European Commission under Grant Agreement RI Security Token Service (STS) Transforming the Existing User Credentials.

Web Services Security Mike Shaw Architectural Engineer.

Presented by: Sonali Pagade Nibha Dhagat paper1.pdf.

Vijay V Vijayakumar.  Implementations  Server Side Security  Transmission Security  Client Side Security  ATM’s.

EMI is partially funded by the European Commission under Grant Agreement RI Security Token Service (STS) Simplified Credential Management Henri.

Security in OPC Unified Architecture (UA) Dick Oyen IndustrialSysDev, Inc.

In Vivo Imaging Middleware — Phase 6 Ashish Sharma, Tony Pan, Y. Nadir Saghar.

Miroslav Pavleski (SETCCE)

A National e-Authentication Service

Training for developers of X-Road interfaces

DIGITAL SIGNATURE SERVICE

HMA Identity Management Status

Public Key Infrastructure from the Most Trusted Name in e-Security

E-Lock ProSigner ProSigner means “Professional Signer” signifying the software that can apply legally enforceable Advanced electronic signatures to electronic.

National Trust Platform

Presentation transcript:

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU Belgrade Date: 26/03/2009

SWEB SWEB user types  JAVA mobile client .NET mobile client  SELIS client  Civil Servant client

SWEB Security of communications between the client and SWEB platform  XML signature  Time Stamping  SAML token  WS-Security (WS-Encryption and/or WS-Signature)

SWEB User authentication and authorization  Username/password to access the client application and asymmetric private key  User’s digital certificate to be authenticated by the STS server  SAML token issued to the user for authentication to the particular service  User profile (digital certificate) for user authorization to the platform

SWEB Secure communication between two SWEB platforms  Digital certificate for authentication to the STS server  SAML token for authentication to the service  User’s profile (digital certificate) for user authorization

SWEB Identities of users  Digital certificates  PKI hierarchy  XKMS for certificate locating (LocateRequest) and validating (ValidateRequest)

SWEB

The Residence Certification Service Cross-Border request scenario

SWEB SWEB Security Aspects Summary  X.509 certificate  XML Digital Signatures and Encryption  WS-security  Time stamping  Federation Identity - Security Token (SAML)  XKMS  Smart cards for Civil Servants  Future upgrade include PKI SIM cards

SWEB Future research directions  Implementing JAVA mobile application into the JAVA CDC 1.1 enabled mobile devices  Full implementation of advanced electronic signature formats (e.g. XAdeS)  Integration of PKI SIM technology in the Mobile Client application  Using SWEB-like system for other PKI based e/m-governmental services (strong user authentication to other e-gov web portals, signing documents prepared through some other communication channels, qualified signatures, etc.)

SWEB Thank You!!