Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007.

Slides:

Advertisements

Similar presentations

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Advertisements

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

Federal PKI Architecture Update

Ongoing Efforts to Build The US Federal PKI Bridge

Copyright Judith Spencer This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Grid Computing in Higher Education (Scott Rea) EDUCAUSE PKI Deployment Forum Madison, WI - April 15, 2008.

Higher Education Bridge CA (HEBCA) – What’s Relevant, What’s Next? (Scott Rea) Fed/Ed December 2006.

NIH – EDUCAUSE PKI Interoperability Pilot Update Peter Alterman, Ph.D. Director of Operations, Office of Extramural Research, NIH and Senior Advisor to.

Higher Education PKIs (Scott Rea) Boulder CO November 15, 2007.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed June 2005.

US Higher Ed PKI Activities Internet2/EDUCAUSE ++ TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University TF-EMC2 November, 2004 Amsterdam Michael.

The U.S. Federal PKI and the Federal Bridge Certification Authority

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

The 4BF The Four Bridges Forum Higher Education Bridge Certificate Authority.

PKI in US Higher Education (Scott Rea) Fed/Ed June 2008.

PKI Update. Topics Background: Why/Why Not, The Four Planes of PKI, Activities in Other Communities Technical activities update S/MIME Pilot prospects.

1 eAuthentication in Higher Education Tim Bornholtz Session #47.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress July 2004 Dartmouth PKI Summit.

US Higher Education PKI (Scott Rea) February 2007.

HEBCA – Higher Education Bridge Certification Authority Presented by Scott Rea and Mark Franklin, Fed/Ed Meeting, 12/14/2005.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.

1 11 th Fed/Ed PKI Meeting Some quick updates from recent HEPKI-TAG and SURA work Jim Jokl

1 Digital Credential for Higher Education John Gardiner August 11, 2004.

Bridge-to-Bridge Working Group (BBWG) Debb Blanchard, Cybertrust EDUCAUSE Federal and Higher Education PKI Coordination Meeting June 16, 2005 The Fairmont.

EDUCAUSE PKI Working Group Where Are We and Where are We Going.

PKI: Glue of Middleware Michael R Gettes, Duke University CAMP Enterprise Authentication Michael R Gettes, Duke University CAMP Enterprise Authentication.

Bridging Higher Education PKIs PKI Summit, August 2006 Snowmass, Colorado.

PKI in US Higher Education -Dartmouth PKI Initiatives (Scott Rea) Fed/Ed December 2007.

Australian Access Federation and other Middleware Initiatives Presented at TF-EMC2, Prague 4 Sep 2007 Patty McMillan, The University of Queensland.

1 PKI & USHER/HEBCA Fall 2005 Internet2 Member Meeting Jim Jokl September 21, 2005.

X.509/PKI There is progress.... Topics Why PKI? Why not PKI? The Four Stages of X.509/PKI Other sectors Federal Activities - fBCA, NIH Pilot, ACES, other.

NSF Middleware Initiative Renee Woodten Frost Assistant Director, Middleware Initiatives Internet2 NSF Middleware Initiative.

Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area.

PKI and the U.S. Federal E- Authentication Architecture Peter Alterman, Ph.D. Assistant CIO for e-Authentication National Institutes of Health Internet2.

Government-University Identity Management Opportunities Peter Alterman, Ph.D. Chair, U.S. Federal PKI Policy Authority and Assistant CIO/E-Authentication,

The Federal Bridge A Brief Overview 1. 4BF Industry Forum April Fed PKI: View from 20,000 km FBCA C4 Common Policy CA (HSPD-12) CertiPath SSPs.

PKI for Higher Education (Scott Rea) Boulder CO November 15, 2007.

TAGPMA & the Bridge WG (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Activities and Applications Update - Chicago, IL.

Federated Authentication at NIH: Trusting External Credentials at Known Levels of Assurance Debbie Bucci and Peter Alterman November, 2009.

The Federal PKI Or, How to Herd Worms Peter Alterman Senior Advisor, Federal PKI Steering Committee.

Leveraging Campus Authentication for Grid Scalability Jim Jokl Marty Humphrey University of Virginia Internet2 Meeting April 2004.

“Trust me …” Policy and Practices in PKI David L. Wasley Fall 2006 PKI Workshop.

Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.

Southeastern Universities Research Association (SURA) - Intro for Fed/Ed 18 Mary Fran Yafchak Senior Program Manager, IT

Higher Ed Bridge CA Extending Trust Across Higher Education - And Beyond David L. Wasley University of California.

Day 3 Roadmap and PKI Update. When do we get to go home? Report from the BoFs CAMP assessment, next steps PKI technical update Break Research Issues in.

Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

National Institutes of Health Interfederation Initiatives Peter Alterman, Ph.D. Assistant CIO for e-Authentication.

Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority Meet FedFed.

Higher Education Bridge Certification Authority Scaleable Linking of PKI trust domains Scaleable Linking of PKI trust domains David L. Wasley Fall 2006.

1 US Higher Education Root CA (USHER) Update Fed/Ed Meeting December 14, 2005 Jim Jokl University of Virginia.

Federal Identity Management Overview and Current Status Dr. Peter Alterman, Chair Federal PKI Policy Authority.

Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.

Higher Education Bridge Certification Authority Scaleable Linking of PKI trust domains Scaleable Linking of PKI trust domains David L. Wasley Fall 2006.

Grids & PKI: TAGPMA & Bridges (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Implementers Workshop - Chicago, IL.

Dartmouth PKI: Plans & Challenges (Scott Rea – Dartmouth College) Internet2 Member Meeting, Dec 2006 PKI Implementers Workshop - Chicago, IL.

US Higher Education PKI (Scott Rea) February 2007

Overview What are the drivers for PKI in Higher Education?

Higher Education Bridge CA (HEBCA) – What’s Relevant, What’s Next

U.S. Federal e-Authentication Initiative

U.T. System Federated Identity Management Update

Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007.

PKI in US Higher Education (Scott Rea) Fed/Ed June 2008

Inter-institutional Trust Fabric Overview and Synergies

Fed/ED December 2007 Jim Jokl University of Virginia

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Sixth Annual PKI Summit at Snowmass, Colorado August 2004.

Presentation transcript:

Higher Education Bridge CA (HEBCA) – Planting is required before the harvest (Scott Rea) Fed/Ed June 2007

2 Plowing the field Why is HEBCA still only in test mode of operation? –Demand is not there yet from multiple schools (NOTE: Texas is an exception in this regards) –Anecdotally there is higher interest in PKI from schools than ever before but this interest is mostly focused on introspective projects rather than those that require cross-boundary authentication – some caveats do exist –An exception to the above is the Federal government as the external campus entity – there is a lot of interest in what the feds are doing and what that means for campuses –By the feds own admission – 75% of their applications that are the focus of the eAuthentication “federation” are assertion based – there are not many higher level applications out there

3 Planting seeds What are the drivers being manifest –Identity theft is the fastest growing crime in the US, higher education is the primary target (43% of reported incidents occurred in our sector) –Stronger binding and stronger technologies for IDM, better access controls, and security services are being investigated –There are lots of small internal PKI pilots quietly going about their business – looking to grow organically –Federation is required for bridging PKI – but the main thrust (in terms of advertising and focus) for federations has been in the assertion based arena – notably shibboleth – this both a catalyst and a crutch

4 Solving Silos of Trust Dept-1 Institution Dept-1 SubCA CA SubCA CA SubCA CA SubCA USHER HEBCA FBCA CAUDIT PKI

5 Challenges and Opportunities Open Tasks –Audit –Updated Business Plan –Mapping Grid Profiles Classic PKI SLCS –Promotion of PKI Test bed –Validation Authority service –Cross-certification with FBCA –Cross-certification with other HE PKI communities CAUDIT PKI (AusCERT) HE JP HE BR

6 Proposed Inter-federations FBCA CA-1CA-2 CA-n Cross-cert HEBCA Dartmouth Wisconsin Texas Univ-N UVA USHER DST ACES Cross-certs SAFECertiPath NIH CA-1 CA-2CA-3 CA-4 HE JP AusCert CAUDIT PKI CA-1 CA-2 CA-3 HE BR Cross-certs Other Bridges IGTF C-4

7 High Medium Hardware CBP Medium Software CBP Basic Rudimentary C-4 High Medium Basic Rudimentary Foundation Classic Ca SLCS MICS FPKI IGTF HEBCA/USHER Classic Strong E-Auth Level 1 E-Auth Level 2 E-Auth Level 3 E-Auth Level 4 E-AUTH

8 For More Information HEBCA Website: Scott Rea -