KISTI Grid CA Operation KISTI Supercomputing Center Sangwan Kim, Soonwook Hwang CA Operators Contact: Jan. 8, 2007.


Diagram (repeated on every slide): Subscriber, CA Operator, RA, CA machine (off-line), Web Server(s) (with Virtual Host configuration).

Step 1: The subscriber downloads the 'User Application Form' from the web site and fills in the form.

Step 2: Face-to-Face Meeting (User Application Form).

Step 3: Get a PIN number. The RA gets a PIN number from the CA server. PIN number requests can be done with RA privilege. The RA writes down the PIN# in the application form of the user and signs the form.

Step 4: FAX the application form (with PIN# and RA's signature) to the CA.

Step 5: The CA checks the PIN# and the RA's signature.

Step 6: If required, the CA may contact the RA to confirm that the RA has really signed the application form.

Step 7: The CA makes a WACC (Web-Access Client Certificate) for the user. The WACC is protected by the PIN#. (The PIN# is a password.)

Step 8: Register the WACC information in the lookup database of the web server.

Step 9: The CA sends the WACC to the user by normal . (The WACC is protected by the PIN#.)

Step 10: The subscriber can decrypt the WACC using his PIN#. He installs the WACC in his web browser.

Step 11: The subscriber accesses the online CSR (Certificate Signing Request) website over the Internet with the WACC. This communication is protected by HTTPS with client authentication. The web server authenticates the client using the WACC information received from the client and compares it with the lookup database to check whether the WACC is a valid one or not.

Step 12: The subscriber uploads his CSR over HTTPS to request that the CA sign the CSR.

Step 13: The subscriber sends a notification to the CA after uploading the CSR.

Step 14: The CA gets the CSR from the web server and signs it to make a certificate.

Step 15: The CA publishes the certificate on the web server.

Step 16: The CA operator sends a notification to the subscriber after issuing a certificate.

Step 17: The subscriber gets his certificate from the web server over HTTPS.
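The gating checks of steps 3, 5, 8, 11 and 12, modelled as an added example that is not part of the original slides and is not KISTI's code. The class and method names, the RA and subscriber identifiers, the SHA-256 fingerprint used as lookup key and the single-use PIN# are assumptions; the RA's handwritten signature is represented here by the RA's identifier.

```python
import hashlib
import secrets

class EnrollmentRegistry:
    """Toy model of the CA's PIN# list and the web server's WACC lookup database."""

    def __init__(self, ra_ids):
        self.ra_ids = set(ra_ids)  # accounts holding RA privilege (hypothetical ids)
        self.pins = {}             # PIN# -> RA that requested it (step 3)
        self.wacc_db = {}          # SHA-256 fingerprint -> subscriber (step 8)

    def issue_pin(self, requester):
        # Step 3: PIN# requests are only served with RA privilege.
        if requester not in self.ra_ids:
            raise PermissionError("PIN# requests need RA privilege")
        pin = secrets.token_hex(8)
        self.pins[pin] = requester
        return pin

    def check_form(self, pin, signing_ra):
        # Step 5: the PIN# on the faxed form must have been issued to the signing RA.
        return pin in self.pins and self.pins[pin] == signing_ra

    def register_wacc(self, pin, signing_ra, wacc_der, subscriber):
        # Steps 7-8: register a WACC only for a form that passed the step 5 check.
        if not self.check_form(pin, signing_ra):
            raise ValueError("PIN# / RA signature check failed")
        del self.pins[pin]  # assumption: one PIN# enrols one subscriber
        self.wacc_db[hashlib.sha256(wacc_der).hexdigest()] = subscriber

    def authenticate(self, presented_der):
        # Step 11: look the presented certificate up in the database. On a live
        # server the DER bytes come from SSLSocket.getpeercert(binary_form=True).
        return self.wacc_db.get(hashlib.sha256(presented_der).hexdigest())

    def accept_csr(self, presented_der, csr_pem, spool):
        # Step 12: queue a CSR for the CA only if the uploader's WACC is registered.
        subscriber = self.authenticate(presented_der)
        if subscriber is None:
            raise PermissionError("WACC not in lookup database")
        spool.setdefault(subscriber, []).append(csr_pem)
        return subscriber

if __name__ == "__main__":
    reg = EnrollmentRegistry({"ra-1"})
    pin = reg.issue_pin("ra-1")
    wacc = b"constructed placeholder for WACC DER bytes"
    reg.register_wacc(pin, "ra-1", wacc, "subscriber-1")
    print(reg.authenticate(wacc), reg.authenticate(b"some other certificate"))
```

The lookup in `authenticate` supplements the TLS handshake, which has already proved possession of the private key; it does not replace it.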