11/9/2015 AEB/Yleisesittely Utilising City Card on the Campus TNC 2004, Rhodes 7th of June, 2004 Mikael Linden, Petteri Jekunen,

Slides:

Advertisements

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Advertisements

Single Sign-On with GRID Certificates Ernest Artiaga (CERN – IT) GridPP 7 th Collaboration Meeting July 2003 July 2003.

Chip Card System Free University of Bozen/Bolzano.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Parking solution designed for hotels – Providing one card solution to hotel management. Richard Hsieh Tel: Ext. 128 Fax:

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

1 Preparing Windows 2000 installation (Week 3, Wednesday 2/25/2006) © Abdou Illia, Spring 2006.

> A new vision of transport TECHNOLOGYMULTI-APPLICATIONSECONOMICSLICENSINGCNAIMPLEMENTATION GENERAL Designed and promoted by public transport operators.

Internet & City: Tampere, Finland Jari Seppälä

Password?. Project CLASP: Common Login and Access rights across Services Plan

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

Password?. Project CLASP: Common Login and Access rights across Services Plan

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Public Key Infrastructure at the University of Pittsburgh Robert F. Pack, Vice Provost Academic Planning and Resources Management March 27, 2000 CNI Spring.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

Broadband Education Services, June 2009, Crete, Greece Broadband services for schools through the Greek School Network.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

Alcatel Identity Server Alcatel SEL AG. Alcatel Identity Server — 2 All rights reserved © 2004, Alcatel What is an Identity Provider?  

Riga’s e-Ticketing System

Digital Payment Systems

PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Certificate and Key Storage Tokens and Software

Introduction IT Department at CEU Contribution to carry out CEU’s mission with appropriate: -Information technology tools and services -Hardware and software.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

Page 1 CITS Active Directory Implementation UMass Dartmouth.

Chapter 11: Dial-Up Connectivity in Remote Access Designs

Active Directory at the University of Michigan Data Population and Kerberos Interoperability MaryBeth Stuenkel LAN/NOS/Groupware Services.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Community bus ICT based services for Urban living 1 Tagged IC card Tagged IC pendant (Photo pack) RF gate Attendance management Electronic lock School.

1 Smart Card – EMV – Security – Internet 10 June 2002 Presentation by Mr. Alan Siu Deputy Secretary for Information Technology and Broadcasting Government.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Module 9: Planning Network Access. Overview Introducing Network Access Selecting Network Access Connection Methods Selecting a Remote Access Policy Strategy.

OpenVPN OpenVPN: an open source, cross platform client/server, PKI based VPN.

20411B 8: Installing, Configuring, and Troubleshooting the Network Policy Server Role Presentation: 60 minutes Lab: 60 minutes After completing this module,

Introduction of SmartCard Project Presented by: Cora Lai July 26, 2000.

Housing Service Review Service Report 24 November 2014.

The National Smartcard Project and the Citizen Experience Michael Gates NSCP Project Manager Bracknell.

GatorLink Password Management Policy March 31, 2004.

Configuring Directory Certificate Services Lesson 13.

HAKA project HAKA User administration inside Finnish Higher Education Institutes results from the KATO project Barbro Sjöblom EDS 2003 Uppsala.

© Wiley Inc All Rights Reserved. MCSE: Windows Server 2003 Active Directory Planning, Implementation, and Maintenance Study Guide, Second Edition.

1 Introduction to Microsoft Windows 2000 Windows 2000 Overview Windows 2000 Architecture Overview Windows 2000 Directory Services Overview Logging On to.

Maintaining Network Health. Active Directory Certificate Services Public Key Infrastructure (PKI) Provides assurance that you are communicating with the.

10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.

2 You Will Know Major types of insured financial institutions Basic banking terms Differences between banks and check-cashing services Bank employees.

The National Smartcard Project and the Citizen Experience Oliver Ferguson Workpackage Project Manager.

Infocity Tampere Jari Seppälä 2004

FSU Metadirectory Project The Issue of Identity Management Executive Overview.

Athens – integrated AMS services Ed Zedlewski JISC/CNI Conference Edinburgh, June 2002.

Security Planning and Administrative Delegation Lesson 6.

INTERNACIONAL WORKSHOP BEST PRACTICES IN COMMUNITY CITIZENSHIP Friday, 21th March 2014 Local Agency of Economic and Employment Promotion Avelino González.

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner FEIDHE Electronic Identification in Finnish Higher Education.

The National Smartcard Project Vaughan Cooksey WP 10 & 11 Project Manager IDeA e-Champions 22nd January.

CHAPTER 5 MANAGING USER ACCOUNTS & GROUPS. User Accounts Windows 95, 98 & Me do not need a user account like Windows XP Professional to access computer.

Active Directory. Computers in organizations Computers are linked together for communication and sharing of resources There is always a need to administer.

GP 2015 Client Event. Management Reporter As of 5/1/2015 the most recent version of MR is 2012 Cumulative Update 12. Mainstream Support for FRx 6.7 ended.

Exploring Access to External Content Providers with Digital Certificates University of Chicago Team Charles Blair James Mouw.

Active Directory Domain Services (AD DS). Identity and Access (IDA) – An IDA infrastructure should: Store information about users, groups, computers and.

Electronic Banking & Security Electronic Banking & Security.

COMPUTER NETWORKS Quizzes 5% First practical exam 5% Final practical exam 10% LANGUAGE.

ESA Single Sign On (SSO) and Federated Identity Management

Cambridgeshire Direct

Dartmouth College Status Report

Getting Started.

Getting Started.

Install AD Certificate Services

Presentation transcript:

11/9/2015 AEB/Yleisesittely Utilising City Card on the Campus TNC 2004, Rhodes 7th of June, 2004 Mikael Linden, Petteri Jekunen,

11/9/2015 AEB/Yleisesittely Tampere polytechnic a medium-sized polytechnic in Finland –5000 students, 600 staff members belongs to the city of Tampere IT infrastructure maintained centrally by the computer center user administration done centrally in cc –LDAP enterprise directory –one username/password for most of the services –automatic account creation, maintenance and closing based on the student registry

11/9/2015 AEB/Yleisesittely Where we started in Tampere Polytechnic (TP) TP willing to start using PKI/token based user authentication people already carrying several cards in their wallet –let’s not introduce a new one  multi-application smart card, integrating services on a single card smart card readers installed to workstations in TP –700/1200 workstations in computer classes –100/650 workstations for staff use

11/9/2015 AEB/Yleisesittely eTampere card – a card for local residents part of the eTampere programme ( ) –a collaboration project of research&education, business, organizations and communities eTampere card pilot –city of Tampere provided 5000 cards to local residents –3500 of the card were given to students in TP computer-skilled people with good facilities and large number of network services in the school and at home  card penetration reached 80 % among active students in TP basic idea: services provided by public and private organisations on a single card

11/9/2015 AEB/Yleisesittely Services available for cardholders in TP in the pilot Services by the city of Tampere payments in public transportation and swimming halls electronic services (requiring authentication) on the web Services provided by Tampere Polytechnic workstation logon (Windows 2000) signing (and circulating) an application for ”overtime” –for students that are not able to graduate in 4 years Services provided by TP’s privately operated student restaurant paying student lunch Services provided by Student union of TP voting in the election of the student union’s council

11/9/2015 AEB/Yleisesittely eTampere pilot card’s technology a hybrid card: two separate chips in the same piece of plastic –contactless (Mifare) chip: electronic purse for payments (busses, swimming hall, student restaurant) –chip with contacts (ISO 7816): personal certificates about the PKI in use –certificates signed by Sonera (a Finnish-Swedish teleoperator) –two separate certificates: authentication, non-repudiation –unique identifier of a user: EETU, a unique number assigned by the city of Tampere –for W2k logon at TP an extra certificate was added to the card CA: computer center of TP binds the W2k username to the public key

11/9/2015 AEB/Yleisesittely User experiences of the card A web survey (n=699) made to cardholders 1-2 months after getting the card What property do you consider important? Library card94 % Car parking fees 83 % Passage card in the school80 % E-purse (lunch, shops…)76 % Ticketing (concerts, ice hockey…)73 % Voting in the net68 % Bonys/loyalty programs 63 % Passage card in municipal services (sports hall…)60 % Strong network authentication 56 % Telephone card38 % => for an end user security (AuthN) is not very interesting

11/9/2015 AEB/Yleisesittely From pilot to production: experiences/challenges For the city of Tampere certificates are expensive but not used very much –not easy to find a business model that makes them fly integrating to municipal libraries (library card) dual-interface card? For Tampere Polytechnic problems mostly non-technical usage of the certificates is still too narrow, should be extended to make it more usable (web authN, SSH connections, VPN etc)