Presentation is loading. Please wait.

Presentation is loading. Please wait.

TIES II — Feasibility study for a JISC national certificate issuing service Middleware studies meeting 11 March 2004.

Published byBrionna Bonfield Modified over 10 years ago

Similar presentations

Presentation on theme: "TIES II — Feasibility study for a JISC national certificate issuing service Middleware studies meeting 11 March 2004."— Presentation transcript:

1 TIES II — Feasibility study for a JISC national certificate issuing service Middleware studies meeting 11 March 2004

2 Aim  To consider the deployment of digital certificates to a significantly expanded e-Science community, and make recommendations to JISC

3 Technical options  Community operated open source CA  Community operated insourced CA  Fully outsourced CA

4 JISC IE Background  TIES I study recommended model of single national CA with institutional RAs  TIES I envisaged full rollout of certificates for JISC IE services as well as e-Science  But Shibboleth now adopted as preferred solution for IE  Remaining role for digital certificates?

5 e-Science background  All e-Science resources currently require users to present identity certificates  One CA per country  One flavour: medium assurance certification  Unpopular with users and RAs  RAL CA issues certificates at ~£220 a pop  RAL CA will not scale above ~1000 certificates  Due to expand rapidly (~20,000 in 5 years)  How to afford? How to scale? How to make acceptable? How to handle non-institutional users?

6 Approach  Two levels of assurance: basic and medium  CA based on commercially provided software  Single trust anchor

7 Specification  Three types of certificate: Two flavours of identity certificates for users: –Medium assurance for high-value and non-UK resources –Basic assurance for the rest (including students), UK-only Certification for SSL-enabled servers engaged in cross- institutional secure communication –e.g., for Shibboleth servers  Uses: identity assurance ( users and servers), signed email  Choice of insourced/outsourced solution

8 Next steps  Briefing note for discussion  Confirm requirements (balance constraints and ambitions)  Firm up specification (numbers of RAs, certificates, policy, key usage, CRL regime)  Talk to suppliers

9 Contacts  Sandy Shaw, EDINA  Fiona Culloch, EDINA  David Chadwick, University of Salford  http://edina.ac.uk/projects/ties2/ http://edina.ac.uk/projects/ties2/  TIES I report: http://edina.ac.uk/projects/ties/ties_23-9.pdf http://edina.ac.uk/projects/ties/ties_23-9.pdf

Download ppt "TIES II — Feasibility study for a JISC national certificate issuing service Middleware studies meeting 11 March 2004."

Similar presentations

Lousy Introduction into SWITCHaai

Lousy Introduction into SWITCHaai
Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.

Grid Security Policy GridPP18, Glasgow David Kelsey 21sr March 2007.
5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK

5-Dec-02D.P.Kelsey, GridPP Security1 GridPP Security UK Security Workshop 5-6 Dec 2002, NeSC David Kelsey CLRC/RAL, UK
Supporting education and research Core Middleware Development Nicole Harris, Programme Manager, JISC Middleware Team.

Supporting education and research Core Middleware Development Nicole Harris, Programme Manager, JISC Middleware Team.
Joint Information Systems Committee 01/04/2014 | slide 1 Access Management and e-Portfolios What are we trying to protect??? Joint Information Systems.

Joint Information Systems Committee 01/04/2014 | slide 1 Access Management and e-Portfolios What are we trying to protect??? Joint Information Systems.
Joint Information Systems Committee 01/04/2014 | | Slide 1 Connecting People to Resources The JISC Access Management Strategy Nicole Harris Programme Manager.

Joint Information Systems Committee 01/04/2014 | | Slide 1 Connecting People to Resources The JISC Access Management Strategy Nicole Harris Programme Manager.
Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.

Joint Information Systems Committee 01/04/2014 | slide 1 Support e-Research at JISC Access Management and Security Joint Information Systems CommitteeSupporting.
Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.

Eduserv Athens Federations David Orrell Eduserv Athens Technical Architect.
Scoping Study for Institutional Profiling and Terms & Conditions Services JISC Joint Programme Meeting Brighton 6-7 July 2004.

Scoping Study for Institutional Profiling and Terms & Conditions Services JISC Joint Programme Meeting Brighton 6-7 July 2004.
FAME-PERMIS Project University of Manchester University of Kent London, July 2006.

FAME-PERMIS Project University of Manchester University of Kent London, July 2006.
Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill, Programme Manager, JISC Identity Management and Levels.

Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill, Programme Manager, JISC Identity Management and Levels.
Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill e-Research Programme Manager e-Infrastructure Security.

Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill e-Research Programme Manager e-Infrastructure Security.
Shibboleth Development and Support Services SDSS Development Federation Next Phase Sandy Shaw, EDINA JISC CM Programme Meeting, Windermere, 14–15 November.

Shibboleth Development and Support Services SDSS Development Federation Next Phase Sandy Shaw, EDINA JISC CM Programme Meeting, Windermere, 14–15 November.
Digital Certificate Operation in a Complex Environment Matthew J. Dovey Oxford University Computing Services.

Digital Certificate Operation in a Complex Environment Matthew J. Dovey Oxford University Computing Services.
Philip LordDigital Archiving Consultancy Alison Macdonald Digital Archiving Consultancy Liz LyonDigital Curation Centre David GiarettaDigital Curation.

Philip LordDigital Archiving Consultancy Alison Macdonald Digital Archiving Consultancy Liz LyonDigital Curation Centre David GiarettaDigital Curation.
DyVOSE Status Report Dr Richard Sinnott Technical Director National e-Science Centre ||| Deputy Director Technical Bioinformatics Research Centre University.

DyVOSE Status Report Dr Richard Sinnott Technical Director National e-Science Centre ||| Deputy Director Technical Bioinformatics Research Centre University.
4 December 2002 Grid Resource Access Workshop, NeSC 1 Managing Access to Resources on the Grid David Boyd CLRC e-Science Centre

4 December 2002 Grid Resource Access Workshop, NeSC 1 Managing Access to Resources on the Grid David Boyd CLRC e-Science Centre
Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.

Next Generation Athens Services Ed Zedlewski UK e-Science Town Meeting, London, 11 April 2005.
JIBS OpenURL meeting 17 Sept 2003 1 BALSA and proposal for OpenURL routing service Andrew Bevan (EDINA user support)

JIBS OpenURL meeting 17 Sept BALSA and proposal for OpenURL routing service Andrew Bevan (EDINA user support)
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

Similar presentations

Ads by Google