Presentation is loading. Please wait.

Presentation is loading. Please wait.

SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  March 14, 2002.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  March 14, 2002."— Presentation transcript:

1 SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  March 14, 2002

2 SETECS Copyright© SETECS Corporation 1. OnePKI – full CA infrastructure (CA servers, clients, and APIs) (CA servers, clients, and APIs) 2. OneDirectory – X.500/LDAP system (X.500/LDAP servers, LDAP client, security extensions) (X.500/LDAP servers, LDAP client, security extensions) 3. OneCARD – System for file/Java smart cards (SC administration, SC applications, PC applications, SC APIs) (SC administration, SC applications, PC applications, SC APIs) 4. OneNET – Network security system (Secure E–mail, Secure WWW – SSL and forms) (Secure E–mail, Secure WWW – SSL and forms) 5. OneJAVA – Security system for Java applications (Security client, server and secure Java objects/methods) (Security client, server and secure Java objects/methods) 6. OnePlatform – Security development platform (C/C++, Java, smart card APIs, protocols and components) (C/C++, Java, smart card APIs, protocols and components) SETECS Security Products :

3 SETECS Copyright© SETECS Corporation 1.Collection of CA Servers – alternative PKIs 2.Several PKI clients – native client, thin–, thick–client, Java client 3.Full RFC 2459 certificate and CRL profiles (all extensions) 4.All certificates and CRL functions (CMS – RFC 2510) 5.Creation and verification of certificate paths 6.Multiple policies (high, medium, basic) – compliant with FBCA Medium/High and DoD Class3 / Class 4 policies 7.Private cert profiles (VISA/MasterCard) and financial PKIs 8.Combined with directories and smart cards 9.Some additional features... OnePKI  – Characteristics :

4 SETECS Copyright© SETECS Corporation OnePKI – Full CA Infrastructure Top CA PolicyCA Local CA HierarchyCA BridgeCA Web and Other Servers PolicyCA Local CA UserUser Single CA User User Top CA PolicyCA HierarchyCA Local CA

5 SETECS Copyright© SETECS Corporation

6 SETECS Copyright© SETECS Corporation

7 SETECS Copyright© SETECS Corporation

8 SETECS Copyright© SETECS Corporation

9 SETECS Copyright© SETECS Corporation

10 SETECS Copyright© SETECS Corporation

11 SETECS Copyright© SETECS Corporation

12 SETECS Copyright© SETECS Corporation

13 SETECS Copyright© SETECS Corporation

14 SETECS Copyright© SETECS Corporation

15 SETECS Copyright© SETECS Corporation

16 SETECS Copyright© SETECS Corporation

17 SETECS Copyright© SETECS Corporation

18 SETECS Copyright© SETECS Corporation

19 SETECS Copyright© SETECS Corporation

20 SETECS Copyright© SETECS Corporation Top CA Bridge CA RootCertificate.der

21 SETECS Copyright© SETECS Corporation Top CA Bridge CA RootCertificate.der OtherRootCertificate.der ForwardCertificate.der

22 SETECS Copyright© SETECS Corporation Top CA Bridge CA RootCertificate.der OtherRootCertificate.der ForwardCertificate.der OtherRootCertificate.der BackwardCertificate.der ForwardCertificate.der

23 SETECS Copyright© SETECS Corporation Top CA Bridge CA RootCertificate.der OtherRootCertificate.der ForwardCertificate.der OtherRootCertificate.der BackwardCertificate.der ForwardCertificate.der CrossCertificatePair.der

24 SETECS Copyright© SETECS Corporation Top CA Bridge CA RootCertificate.der OtherRootCertificate.der ForwardCertificate.der OtherRootCertificate.der BackwardCertificate.der ForwardCertificate.der CrossCertificatePair.der BackwardCertificate.der

25 SETECS Copyright© SETECS Corporation Top CA Bridge CA RootCertificate.der OtherRootCertificate.der ForwardCertificate.der OtherRootCertificate.der BackwardCertificate.der ForwardCertificate.der CrossCertificatePair.der BackwardCertificate.der CrossCertificatePair.der

26 SETECS Copyright© SETECS Corporation

27 SETECS Copyright© SETECS Corporation OnePKI – Full CA Infrastructure Top CA PolicyCA Local CA HierarchyCA BridgeCA Web and Other Servers PolicyCA Local CA UserUser Single CA User User Top CA PolicyCA HierarchyCA Local CA

28 SETECS Copyright© SETECS Corporation

29 SETECS Copyright© SETECS Corporation

30 SETECS Copyright© SETECS Corporation

31 SETECS Copyright© SETECS Corporation

32 SETECS Copyright© SETECS Corporation

33 SETECS Copyright© SETECS Corporation

34 SETECS Copyright© SETECS Corporation

35 SETECS Copyright© SETECS Corporation

36 SETECS Copyright© SETECS Corporation

37 SETECS Copyright© SETECS Corporation

38 SETECS Copyright© SETECS Corporation

39 SETECS Copyright© SETECS Corporation

40 SETECS Copyright© SETECS Corporation

41 SETECS Copyright© SETECS Corporation

42 SETECS Copyright© SETECS Corporation

43 SETECS Copyright© SETECS Corporation

44 SETECS Copyright© SETECS Corporation

45 SETECS Copyright© SETECS Corporation

46 SETECS Copyright© SETECS Corporation

47 SETECS Copyright© SETECS Corporation

48 SETECS Copyright© SETECS Corporation

49 SETECS Copyright© SETECS Corporation

50 SETECS Copyright© SETECS Corporation

51 SETECS Copyright© SETECS Corporation

52 SETECS Copyright© SETECS Corporation

53 SETECS Copyright© SETECS Corporation

54 SETECS Copyright© SETECS Corporation

55 SETECS Copyright© SETECS Corporation

56 SETECS Copyright© SETECS Corporation

57 SETECS Copyright© SETECS Corporation

58 SETECS Copyright© SETECS Corporation

59 SETECS Copyright© SETECS Corporation TopCA OneDirectory – X.500 / LDAP System PolCA LocalCA HierCA PolCA LocalCA HierCA Servers / Administrators Users Border Internal CRLCerts

60 SETECS Copyright© SETECS Corporation

61 SETECS Copyright© SETECS Corporation

62 SETECS Copyright© SETECS Corporation

63 SETECS Copyright© SETECS Corporation 1.Simple and easy installation 2.Simple and easy customization 3.Encrypted classes – fully resistant against viruses/worms 4.Verification of completeness before activation 5.Invalid incoming messages/requests rejected 6.All FBCA “membrane” test requirements 7.FBCA Medium/High and DoD Class3 / Class 4 policies 8.Combined with directories and smart cards OnePKI  – Additional Features :

64 SETECS Copyright© SETECS Corporation 1.Full demo 2.Download, install and test (SETECS Test CP) 3.Adopt SETECS CP and CPS (Basic CP) 4.Run as a small pilot (Secure E–mail, Secure Web) 5.Cross–certify with FBCA and run full scope 6.Extend other applications with PKI SC and Directory functions) 7.Move to Medium/High CP (SC and Directory functions) 8.Scale (users), extend (applications), expand (functionality) OnePKI  – Suggestions / Phases :

65 SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  E-mail: sead @ dsv.su.se Cell: (301) 648-8599 Phone: (202) 994-5506 http://www.setecs.com/DL/Download.htm March 14, 2002

Download ppt "SETECS Copyright© SETECS Corporation Sead Muftic SETECS Corporation SETECS OnePKI  March 14, 2002."

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM

Agenda 2 factor authentication Smart cards Virtual smart cards FIM CM
Federal PKI Architecture Update

Federal PKI Architecture Update
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Password?. Project CLASP: Common Login and Access rights across Services Plan

Password?. Project CLASP: Common Login and Access rights across Services Plan
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
PKI Administration Using EJBCA and OpenCA

PKI Administration Using EJBCA and OpenCA
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.
The U.S. Federal PKI and the Federal Bridge Certification Authority

The U.S. Federal PKI and the Federal Bridge Certification Authority
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.

Using Internet Information Server And Microsoft ® Internet Explorer To Implement Security On The Intranet HTTP.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Configuring Active Directory Certificate Services Lesson 13.

Configuring Active Directory Certificate Services Lesson 13.
Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure from the Most Trusted Name in e-Security.
Public Key Infrastructure Ammar Hasayen 2013. ….

Public Key Infrastructure Ammar Hasayen ….
Virginia Tech Overview of Tech Secure Enterprise Technology Initiatives e-Provisioning Group Frank Galligan Fed/Ed.

Virginia Tech Overview of Tech Secure Enterprise Technology Initiatives e-Provisioning Group Frank Galligan Fed/Ed.
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Similar presentations

Ads by Google