Presentation is loading. Please wait.

Presentation is loading. Please wait.

PKI Update December, 2008 Nicholas Davis

Published byUlrike Schulze Modified over 6 years ago

Similar presentations

Presentation on theme: "PKI Update December, 2008 Nicholas Davis"— Presentation transcript:

1 PKI Update December, 2008 Nicholas Davis

2 Quick Background 2004 UW-Madison purchased co-managed solution from Geotrust Both client certs and SSL certs are purchased from Geotrust Started September, 2004 Centrally funded

3 Current Environment Over 1000 client certs currently in use across campus Used for signing, document signing and encryption Documents, PDF, Word, multiple clients We hosted the First Annual Educause PKI Deployment Forum in April, 2008.

4 New Use for Certificates at UW
Dual factor authentication to protect sensitive web applications Web Initial Sign-on Client based on Pubcookie Altered to authenticate via digital certificates

5 Where are the Certificates Stored?
Etokens, local drives HID Crescendo Cards New UW-Madison ID cards contain: magnetic stripe, bar code, printed number, picture, status (staff/student), 2 RFID cores (Prox and iClass) Subset of cards (250) contain the HID Crescendo chipset

6 UW ID Card Continued Crescendo chipset Raaksign software
Windows only software included, Macintosh 3rd party software available Design story

7 McAfee Safeboot Whole disk encryption being deployed on a volunteer basis Can use certificates in pre-boot authentication HID Crescendo card is supported by McAfee for pre-boot authentication

8 PKI Rollout to UW-System
UW System plans to roll digital certificates out across UW statewide system 26 campuses Prime driver is encrypting sensitive and digital signing of mass 56,000 person signed sent this week

9 Issues With Mass Email Too complex for some people to figure out
Some people agree to delegate signing authority Is it ideal? No Does it get the job done? Yes

10 Our Guiding Principles
Keep it simple Balance ideal security with the needs of our user community Make it usable outside of our campus Coolness factor, can’t be underestimated. The unified card is a big hit!

11 Next Steps Put our PKI contract out for bid
Geotrust absorbed by Verisign, True Credentials no longer being actively promoted or developed

12 Questions Questions and comments welcome at this time, EXCEPT for questions from Scott Rea! Nicholas Davis

Download ppt "PKI Update December, 2008 Nicholas Davis"

Similar presentations

1 PKI Buy vs. Build Decision at UW-Madison Presented by Nicholas Davis PKI Project Leader UWMadison, Division of Information Technology.

1 PKI Buy vs. Build Decision at UW-Madison Presented by Nicholas Davis PKI Project Leader UWMadison, Division of Information Technology.
PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.
Dartmouth PKI Certificate Deployment June 2004 Fed Ed Meeting.

Dartmouth PKI Certificate Deployment June 2004 Fed Ed Meeting.
SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.
PKI Implementation in the Real World

PKI Implementation in the Real World
Data Security The Best Data Security In The Industry.

Data Security The Best Data Security In The Industry.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
Submitted by- Mr. Avinash Sadaphule 20 November 2009 Management Trainee, MKCL.

Submitted by- Mr. Avinash Sadaphule 20 November 2009 Management Trainee, MKCL.
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)

Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)
PKI Past, Present and Future at the UW Nicholas Davis, PKI Project Leader Eighth Annual Educause PKI Summit.

PKI Past, Present and Future at the UW Nicholas Davis, PKI Project Leader Eighth Annual Educause PKI Summit.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.
The Unique Challenges of Rolling Out a PKI in the U.W. Academic Environment Nicholas A. Davis.

The Unique Challenges of Rolling Out a PKI in the U.W. Academic Environment Nicholas A. Davis.
Lexmark Print Management

Lexmark Print Management
Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.

Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.
PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security

PKI-Enabled Applications That work! Linda Pruss Office of Campus Information Security
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

Similar presentations

Ads by Google