Presentation is loading. Please wait.

Presentation is loading. Please wait.

US Higher Ed PKI Activities Internet2/EDUCAUSE ++ TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University TF-EMC2 November, 2004 Amsterdam Michael.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "US Higher Ed PKI Activities Internet2/EDUCAUSE ++ TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University TF-EMC2 November, 2004 Amsterdam Michael."— Presentation transcript:

1 US Higher Ed PKI Activities Internet2/EDUCAUSE ++ TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University

2 Landscaping On Campus HEBCA, USHER, InCommon Gap Analysis Development and Cost Sharing EDUCAUSE and Internet2 Federation Crosswalk InCommon & US Federal Government eAuth I-CIDM and JSF Trust Fabric Diagrams On Campus HEBCA, USHER, InCommon Gap Analysis Development and Cost Sharing EDUCAUSE and Internet2 Federation Crosswalk InCommon & US Federal Government eAuth I-CIDM and JSF Trust Fabric Diagrams

3 On Campus End Entity: Some schools, MIT, Dartmouth, UTHSC but not wide deployment in US. i2 trials on Doc Sigs Server Side and Infrastructure -- used all over the place but not yet well coordinated Lacking a national infra for Higher Ed HEBCA/USHER/InCommon/SAML PKI is just 18 months away (again!) :-) End Entity: Some schools, MIT, Dartmouth, UTHSC but not wide deployment in US. i2 trials on Doc Sigs Server Side and Infrastructure -- used all over the place but not yet well coordinated Lacking a national infra for Higher Ed HEBCA/USHER/InCommon/SAML PKI is just 18 months away (again!) :-)

4 Higher Ed Bridge CA It keeps going & going & going… HEPKI Council ACE -> EDUCAUSE -> HEPKI -> HEBCA (and maybe USHER ++ ) HEBCA-BID --> HEBCA-PA Dartmouth is the OA US Feds continue with Bridge Model To operate at High Assurance Policy Mapping with Feds complete (??) It keeps going & going & going… HEPKI Council ACE -> EDUCAUSE -> HEPKI -> HEBCA (and maybe USHER ++ ) HEBCA-BID --> HEBCA-PA Dartmouth is the OA US Feds continue with Bridge Model To operate at High Assurance Policy Mapping with Feds complete (??)

5 US Higher Ed Root:USHER CREN Root CA Version 2 To use ID Proofing policies of CREN augmented for InCommon Low Barrier to entry Coming from Internet2 Should be X-Certified with HEBCA Analog to US Federal Root CA CREN Root CA Version 2 To use ID Proofing policies of CREN augmented for InCommon Low Barrier to entry Coming from Internet2 Should be X-Certified with HEBCA Analog to US Federal Root CA

6 I-CIDM International Collaboration on Identity Mgmt Joint Strike Fighter Program Rules of Engagement Citizenship, Legal, Technical, Policy & Process (Criteria & Methods, CP/CPS, Corporate Policy) Principal Parties US Higher Education FBCA Pharmaceutical Industry (SAFE) Commercial Aerospace (JSF) Internationally Driven and Participation International Collaboration on Identity Mgmt Joint Strike Fighter Program Rules of Engagement Citizenship, Legal, Technical, Policy & Process (Criteria & Methods, CP/CPS, Corporate Policy) Principal Parties US Higher Education FBCA Pharmaceutical Industry (SAFE) Commercial Aerospace (JSF) Internationally Driven and Participation

7 HEBCA/USHER Synergy Sun Hardware Donation RSA/Keon Software Donation License covers Cert issuance for all PKI ops High Level of Assurance Separation of Duties Admin, Operator, Officer, Auditor Revocation and Citizenship Issues Ops(Dartmouth); Store(Internet2) Need to interoperate with US Feds Sun Hardware Donation RSA/Keon Software Donation License covers Cert issuance for all PKI ops High Level of Assurance Separation of Duties Admin, Operator, Officer, Auditor Revocation and Citizenship Issues Ops(Dartmouth); Store(Internet2) Need to interoperate with US Feds

8 InCommon & eAuth Federation interop with Shib (PKI in SAML) To ultimately use Bridge PKI as means of validating and locating members of OTHER federations InCommon CA to X-Certify with HEBCA or be signed by USHER having been X- Certified with HEBCA Shib+Grid to address some Grid issues HEBCA+Grid considered but no work yet See next slide… Federation interop with Shib (PKI in SAML) To ultimately use Bridge PKI as means of validating and locating members of OTHER federations InCommon CA to X-Certify with HEBCA or be signed by USHER having been X- Certified with HEBCA Shib+Grid to address some Grid issues HEBCA+Grid considered but no work yet See next slide…

9

10

11 PKIs HEBCAFBCA InCommon eAuth/JSF Non-US Gov US-Centric View of PKI World Industry Federations USHER FedRoot Non-US ???

Download ppt "US Higher Ed PKI Activities Internet2/EDUCAUSE ++ TF-EMC2 November, 2004 Amsterdam Michael R Gettes, Duke University TF-EMC2 November, 2004 Amsterdam Michael."

Similar presentations

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.
May 06, 2002 Getting Started with Digital Certificates: Is PKI-Lite Real PKI? Internet2 Spring Meeting 2002 Wash, DC.

May 06, 2002 Getting Started with Digital Certificates: Is PKI-Lite Real PKI? Internet2 Spring Meeting 2002 Wash, DC.
PKI and LOA Establishing a Basis for Trust David L. Wasley PKI Deployment Forum April 2008.

PKI and LOA Establishing a Basis for Trust David L. Wasley PKI Deployment Forum April 2008.
Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.

Levels of Assurance: An Overview Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority.
Higher Ed Certificate Authority by CREN October 12, 2000 TERENA Meeting/Paris.

Higher Ed Certificate Authority by CREN October 12, 2000 TERENA Meeting/Paris.
Federal PKI Architecture Update

Federal PKI Architecture Update
NSF Middleware Initiative: Managing Identity on Campus Michael R Gettes, Duke University Tom Barton, University of Chicago.

NSF Middleware Initiative: Managing Identity on Campus Michael R Gettes, Duke University Tom Barton, University of Chicago.
1 HEPKI-TAG Update EDUCAUSE/Dartmouth PKI Summit July 26, 2005 Jim Jokl University of Virginia.

1 HEPKI-TAG Update EDUCAUSE/Dartmouth PKI Summit July 26, 2005 Jim Jokl University of Virginia.
US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.

US E-authentication and the Culture of Compliance RL “Bob” Morgan University of Washington CAMP, June 2005.
NIH – EDUCAUSE PKI Interoperability Pilot Update Peter Alterman, Ph.D. Director of Operations, Office of Extramural Research, NIH and Senior Advisor to.

NIH – EDUCAUSE PKI Interoperability Pilot Update Peter Alterman, Ph.D. Director of Operations, Office of Extramural Research, NIH and Senior Advisor to.
Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.

Update on federations, PKI, and federated PKI for US feds and higher eds Tom Barton University of Chicago.
PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.
Got Directory? January 28, 2004 TIP2004. 2015-06-01 2 metadirectory enterprise directory database departmental directories OS directories (MS, Novell,

Got Directory? January 28, 2004 TIP metadirectory enterprise directory database departmental directories OS directories (MS, Novell,
Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed June 2005.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed June 2005.
PKI: Glue of Middleware Michael R Gettes, Duke University EuroCAMP March, 2005 Michael R Gettes, Duke University EuroCAMP March, 2005.

PKI: Glue of Middleware Michael R Gettes, Duke University EuroCAMP March, 2005 Michael R Gettes, Duke University EuroCAMP March, 2005.
EDUCAUSE Fed/Higher ED PKI Coordination Meeting

EDUCAUSE Fed/Higher ED PKI Coordination Meeting
The 4BF The Four Bridges Forum Higher Education Bridge Certificate Authority.

The 4BF The Four Bridges Forum Higher Education Bridge Certificate Authority.
PKI Update. Topics Background: Why/Why Not, The Four Planes of PKI, Activities in Other Communities Technical activities update S/MIME Pilot prospects.

PKI Update. Topics Background: Why/Why Not, The Four Planes of PKI, Activities in Other Communities Technical activities update S/MIME Pilot prospects.
Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress Fed/Ed December 2004.
Higher Education Bridge Certificate Authority (HEBCA) Project Progress July 2004 Dartmouth PKI Summit.

Higher Education Bridge Certificate Authority (HEBCA) Project Progress July 2004 Dartmouth PKI Summit.

Similar presentations

Ads by Google