Published by Robert Knight. Modified over 9 years ago.

Maybe it's not PKI …
Musings on the business case for PKI
EDUCAUSE PKI Summit - August 2004
David L. Wasley, Office of the President, University of California

Why do you want PKI?
- Strong identity credentials?
  - Yes
- Digital signatures?
  - Yes
- Does everyone need those?
  - Not today …
- Credentials that other organizations can trust?
  - Federated identity management is more flexible
- So what's the cost/benefit proposition?

Maybe it's asymmetric cryptography
- Asymmetric crypto (AC) has important, unique capabilities
  - Privacy of shared documents
    - Wherever they go
  - Integrity of documents
    - Any digital document, e.g. photographs …
  - Authenticity of documents
    - If you know who had access to the private key
- The last bullet is what PKI is about

Where do you need Privacy?
- Sharing confidential documents
  - E.g. workgroup environments
- Exchanging sensitive email
  - E.g. HIPAA requirements for PHI messaging
- Sensitive document archiving
  - Who has access to the backup tapes, e.g.?
- Your application here …

Where do you need Integrity?
- Is the email you forwarded to me really what the originator sent?
- Is this version of the 150 page contract in MSWord unchanged from what I sent you?
- Is this web site really what the authors put up?
- Critical document archiving
- Etc…

Where do you need Authenticity?
- Is this a photograph taken at the crime scene?
- Yes - Acme, Inc. agrees to this contract
  - Sez who?
- Can I believe this ID credential?
  - Trusted roots, bridges, etc…
- Is this the official archived version?
- Anywhere you need to know who vouches for the content, and that the content is what s/he vouches for.

Where do you need strong credentials?
- Business processes where there is risk that can be mitigated in this way
- Where digital signatures are important
  - Who archived this document?
- Where smartcards provide protection against credential sharing
- Etc…

Where do you need PKI?
- Wherever you need to know who owns a particular private key
- Strong ID credentials are one example
  - Smartcards help protect the private key
- The technology can be used more broadly if only it was there…
  - E.g. S/MIME (!)
  - I think this is why we should support today's PKI
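
An added example, not part of the original presentation: it contrasts the integrity check a signature gives with the authenticity check that needs a name-to-key binding, using the "Acme, Inc. agrees to this contract" case from the slides. It assumes textbook unpadded RSA with toy-sized keys, and every name in it (`TRUSTED_KEYS`, `authentic`, the key pairs) is hypothetical.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_keypair(p, q):
    """Textbook RSA from two primes; returns (public modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(document, n):
    return int.from_bytes(hashlib.sha256(document).digest(), "big") % n

def sign(document, n, d):
    return pow(digest(document, n), d, n)

def signature_valid(document, sig, n):
    """Integrity: the document is exactly what the holder of key n signed."""
    return pow(sig, E, n) == digest(document, n)

def authentic(document, sig, claimed_signer, presented_n, trusted_keys):
    """Authenticity: the key must also be the one bound to the claimed signer."""
    return (trusted_keys.get(claimed_signer) == presented_n
            and signature_valid(document, sig, presented_n))

# Constructed sample data. The primes are small Mersenne primes chosen for
# readability; unpadded RSA at this size is for illustration only.
ACME_N, ACME_D = make_keypair(2**127 - 1, 2**89 - 1)
OTHER_N, OTHER_D = make_keypair(2**107 - 1, 2**61 - 1)
TRUSTED_KEYS = {"Acme, Inc.": ACME_N}  # the name-to-key binding a PKI supplies
CONTRACT = b"Acme, Inc. agrees to this contract"

def demo():
    acme_sig = sign(CONTRACT, ACME_N, ACME_D)
    other_sig = sign(CONTRACT, OTHER_N, OTHER_D)
    return {
        "intact": signature_valid(CONTRACT, acme_sig, ACME_N),
        "altered": signature_valid(CONTRACT + b" (amended)", acme_sig, ACME_N),
        "other_key_math_ok": signature_valid(CONTRACT, other_sig, OTHER_N),
        "other_key_as_acme": authentic(CONTRACT, other_sig, "Acme, Inc.", OTHER_N, TRUSTED_KEYS),
        "acme_key_as_acme": authentic(CONTRACT, acme_sig, "Acme, Inc.", ACME_N, TRUSTED_KEYS),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

A signature made with any key pair verifies against its own public key; only the lookup in `TRUSTED_KEYS` answers "sez who?".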

"PKI" may be different in the future
- Today's PKI is pretty rigid
  - Especially the vendor products
  - How about signed XML credentials with easily extensible content?
  - How about "personal PKI" for friends, groups, …?
- Signing and encryption should be an integral part of the computing environment, available to any application in a consistent, standards-based methodology.

Asymmetric Cryptography can …
- help address vulnerabilities in information management
- help ensure document integrity where it matters
- help mitigate risk in e-business by adding some level of authenticity to transactions
- be an important tool in our IT environments
- …

So what does this all mean?
- Yes, we need a PKI
  - For certain applications now
  - For lots of applications eventually
- Start with the applications that need AC
  - Digital signatures
  - Document integrity
  - Strong ID credentials
- The rest will follow because the infrastructure will be there