26.11.2001 1 / 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner FEIDHE Electronic Identification in Finnish Higher Education.

Slides:



Advertisements
Similar presentations
Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
Advertisements

European Electronic Identity Practices Country Update of Finland Speaker: Päivi Pösö Date:
ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Libraries, distance studying, and electronic resources a survey carried out in Central Finland Teemu Makkonen & Antti Seppänen, Jyväskylä University of.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
European Electronic Identity Practices Country Update of …………… Speaker: Date:
Secure Communication Architectures.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
CREN-Mellon conference, December 1, 2001 University of Texas PKI Status.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
U.S. Environmental Protection Agency Central Data Exchange EPA E-Authentication Pilot NOLA Network Node Workshop February 28, 2005.
Generic AAA model in Grids IRTF - AAAARCH meeting IETF 52 – Dec 14 th Salt Lake City Leon Gommans Advanced Internet Research Group.
The Leading Information Centre Conference on Interoperable European ID Haikko, Finland 3-5 April 2002.
TIES — Technologies for Information Environment Security Sandy Shaw University of Edinburgh.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
CSC – Tieteen tietotekniikan keskus Oy CSC – IT Center for Science Ltd. The Language Bank of Finland User Authentication and Authorization Service
03 December 2003 Digital Certificate Operation in a Complex Environment Consultation/Stakeholders Meeting 3 December 2003.
CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Virginia Tech Overview of Tech Secure Enterprise Technology Initiatives e-Provisioning Group Frank Galligan Fed/Ed.
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.
Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam
Feide is a identity management system on a national level for the educational sector in Norway. Federated Electronic Identity for Norwegian Education Tromsø,
F. Guilleux, O. Salaün - CRU Middleware activities in French Higher Education.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
ESerbia – Information society Base draft Ministry of Science, technology & development Legal framework IT (Information Technology) infrastructure Technical.
OpenVPN OpenVPN: an open source, cross platform client/server, PKI based VPN.
Middleware challenges to service providers, the Nordic view TERENA, Ingrid Melve, UNINETT.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Internet Security for Small & Medium Business Week 6
IT in the Swedish public sector Britta Johansson
DINI „Electronic Publishing Group“ DINI – Certificate Document and Publication Repositories “Electronic Publishing Group“
NELLI - INFORMATION RETRIEVAL PORTAL. NELLI Information retrieval portal National ELectronic Library Interface One interface to all material –Licensed.
Gregorio Martínez Pérez University of Murcia PROVIDING SECURITY TO UNIVERSITY ENVIRONMENT COMMUNICATIONS.
 What is intranet What is intranet  FeaturesFeatures  ArchitectureArchitecture  MeritsMerits  applicationsapplications  What is ExtranetWhat is.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Supporting further and higher education Middleware and AA within the JISC Environment Nicole Harris, JISC Development Group.
HAKA project HAKA User administration inside Finnish Higher Education Institutes results from the KATO project Barbro Sjöblom EDS 2003 Uppsala.
The Porvoo Group Tapio Aaltonen Director, CA-services, co- chair Porvoo Group Population Register Centre Finland.
MINISTRY OF SOCIAL AFFAIRS AND HEALTH 1 The Finnish National Electronic Patient Record Archive
Module 9: Fundamentals of Securing Network Communication.
Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.
10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.
Kristiina Hormia-Poutanen Head of National Electronic Library Services (FinELib) National Electronic Library programme and the digital research and study.
Module 9: Designing Public Key Infrastructure in Windows Server 2008.
PKI in the Swedish public sector Decentralised administration - each agency make their own decisions PKI in different situations: internally within an.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
E-commerce 24/12/ Electronic Commerce (E-Commerce) Commerce refers to all the activities the purchase and sales of goods or services. Marketing,
11/9/2015 AEB/Yleisesittely Utilising City Card on the Campus TNC 2004, Rhodes 7th of June, 2004 Mikael Linden, Petteri Jekunen,
Library Network Services Twin cities Kristiina Hormia-Poutanen National Library of Finland.
Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.
Ministry of Science and Technology Mozambique Research and Education Network - MoRENet Jussi Hinkkanen Ministry of Science and Technology Mozambique.
Securing Online Banking By Ben White CS 591. Who Federal Financial Institutions Examination Council What To authenticate the identity of retail and commercial.
Licensing in a European Perspective - case Finnish National Consortium ELAG 2001, Prague Kristiina Hormia-Poutanen.
Exploring Access to External Content Providers with Digital Certificates University of Chicago Team Charles Blair James Mouw.
E-Commerce Systems Chapter 8 Copyright © 2010 by the McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin.
Introduction to the PKI Issues at UW Madison Presented to ITC on Friday, 3/18/2005 Tom Jordan Systems Engineer,
1 Development of Cash Benefits Management Information System-CBMIS Sanja Andovska, Conditional Cash Transfers Project.
Cross border electronic signature services Ingmar Vali Head of Court Registers Department Centre of Registers and Information Systems
Bulding blocks of e- government Ingmar Pappel. Bulding blocks of e-government  Personal Code  Digital Identity  Digital signature  X-Road  Organizations.
Design & Implementation of Black Sea Information System Approaches & Considerations.
Secure Enterprise Technology Initiatives e-Provisioning Group
Presentation transcript:

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner FEIDHE Electronic Identification in Finnish Higher Education A PKI Project A presentation at TERENA PKI-COORD meeting by Janne Kanner CSC / Funet

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner Project The recommendations and specifications for a smart card based public key infrastructure in Finnish higher education. First implementations to be possible during Collaborative project –all universities and polytechnics –student organizations from both sectors –virtual university and virtual polytechnic projects –CSC, the Finnish center for high-performance computing and networking

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner Basics Project organization and personnel: –Steering group –Project group with 5 members, about 75 man months –Technical and service expert groups, people Funding: universities and polytechnics, CSC, ministry of education, ministry of transport and communications, total ~ €

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner Background Outsourced CA –National CA by Finland’s Population Register Centre –Commercial CA’s: Certall, NovoTrust, Sonera,... –Legislation since 1999 Wide acceptance in society (higher education, public and commercial sectors) Identity card, student card, bank card, city card,... Plain certificates for identification (even addresses controversial) First motive to get rid of passwords and improve security, other motives new services throught the network, cost savings and streamlining of processes and practises

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner Work in progress Looking into: CA, certificate, CP, CPS, registration, distribution Testing and evaluating smart cards, card readers, client/server software, protocols/technologies etc. How to integrate PKI into services, systems and user management Co-ordination of service development Security issues and responsibilities Legislation considerations, e.g. digital signatures, privacy issues Marketing: what kind of a concept do the users want Usability issues: cards, PKI, pilot services Financing possibilites for implementation and plans for a bidding contest Dissemination of information about PKI

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner 9 Pilots 30 people working in 8 higher education institutes about 1000 persons piloting: students, lecturers, researchers, administrators, sysadmins, librarians What are the components available (commercial, open source)? How should it be implemented technically? What parts need to be tailored in each HEI? How much work is needed? Does a large-scale implementation make sense (benefits and cost savings vs. work and price)?

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner Piloting SSL client authentication: student registry, intranet,... Centralized web authentication (SSL and cookies) Libraries: IP-proxy to article databases Secure Shell logon W2K logon: extra cert (w2k CA, OpenCA), VPN plug-in Centralized user management for a university and integrating PKI into it Digital signature for administrative tasks (to reduce bureaucracy and paper work) VPN connections for remote workers Passage control in buildings Unix/Linux PKI functionality (PC/SC, PKCS#11, PAM)

/ 8 FEIDHE Electronic Identification in Finnish Higher Education Janne Kanner More information? Something (but not very much) in english at hopefully pilot details etc. Q1 next year Janne Kanner ( )