Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNLP CA (Argentina) Universidad Nacional de La Plata Was created as a national university in 1905 Is the 3rd largest.

Published byBarry King Modified over 9 years ago

Similar presentations

Presentation on theme: "UNLP CA (Argentina) Universidad Nacional de La Plata Was created as a national university in 1905 Is the 3rd largest."— Presentation transcript:

1 jdiaz@unlp.edu.ar UNLP CA (Argentina) Universidad Nacional de La Plata www.unlp.edu.ar Was created as a national university in 1905 Is the 3rd largest university in Argentina More than 90.000 enrolled students More than 140 degree programs More than 200 postgraduate programs Produces about 20% of the academic research in Argentina

2 jdiaz@unlp.edu.ar UNLP CA (Argentina) C entro S uperior para el P rocesamiento de la I nformación www.cespi.unlp.edu.ar Provides research network for UNLP 1991 (via BITNET) April 1994 connection to Internet –Class B: 163.10.x.x. –Domain unlp.edu.ar –Autonomous Systems Number: 5692 Since 2004 connected to Academic Research Networks Ampath & CLARA (viaRETINA) –prefijo IPv6: 2001:1318:A001:: /64

3 jdiaz@unlp.edu.ar UNLP CA (Argentina) Ce.S.P.I Provides Network Monitoring & management: –More than 3000 computers with public IP –Tools used: Mtrg Nagios Netflow Ipaudit Administrative information systems –Payroll & human resources –Students system –Statistics

4 jdiaz@unlp.edu.ar UNLP CA (Argentina) pkUNLPGrid CA Following RFC 3647 OID pending in IANA since 12/jan/06 –To be requested from IGTF CP/CPS ver 0.91 (20/03/06) http://www.pkiUNLPGrid.unlp.edu.ar First checked by: Jorge Gomes (LIP) Reviewers:Tony J. Genovese & Alan Sill

5 jdiaz@unlp.edu.ar UNLP CA (Argentina) Persons involved with the computer network infrastructure for the project Coordinating the CA for UNLP: Javier Díaz, Miguel Luengo Policies, procedures & auditing: Viviana Ambrosi, Lia Molinari PKI infraestructure for de CA: Paula Venosa, Viviana Ambrosi, Einar Lanfranco Network administration (also working in an academic IRT): Miguel Luengo, Nicolas Macia, Andres Barbieri, Alejandro Veiga, Matias Zabaljauregui. RA administration: Maria del Carmen Lago, Teresa Di Pietro, Fernanda Aday

6 jdiaz@unlp.edu.ar UNLP CA (Argentina) UNLP is working in cooperation with the ONTI, the agency of the federal government of Argentina that coordinated used of information system and technology. –Security standars for the information systems. –Arcert which is the only CERT in Argentina. –pki.gov.ar which is the federal agency that promotes the use of digital signature in the government. –Providing digital signature support for the information systems provided by SIU to the Universities.

7 jdiaz@unlp.edu.ar UNLP CA (Argentina) Initially only one RA related to UNLP The information to contact initial RA is in the site: http://www.pkiUNLPGrid.unlp.edu.ar The concept is one RA per University or Academic institution equivale CA RA Inst. 1Inst. 2Inst. 3Inst. 4

8 jdiaz@unlp.edu.ar UNLP CA (Argentina) Name Forms: PKUNLPGRID CA prefers that organizations use domain component naming. Issuer: DC=ar, DC=UNLPgrid, CN=UNLPGridCA Subject: DC=ar, DC=UNLPgrid, O=string, CN=name.surname DC=ar, DC=UNLPgrid, O=string, CN=FQDN

9 jdiaz@unlp.edu.ar UNLP CA (Argentina) Types of names For people the name and surname or a text directly derived from their name CN=JavierDiaz For Server the server fully qualified domain name (FQDN).IP address are nor accepted CN=pkigrid.unlp.edu.ar For Services the name of the service, the character '/' and the FQDN of the server. CN=ldap/ pkigrid.unlp.edu.ar

10 jdiaz@unlp.edu.ar UNLP CA (Argentina) Lifetime of certificates CA key size 2048 bits, Initial 10 years lifetime. EE key size 1024 bits, Certificates valid for 13 months (one year + one month). CRL issued every 30 days (at least 7 day befores de expiration of the previous CRL or upon demand)

11 jdiaz@unlp.edu.ar UNLP CA (Argentina) Guidelines CA offline CA online site supports : Certificates signed by the UNLPCA CRLs CP/CPS technical contacts of the CA RA contact pointer to the TAGPMA & IGTF

12 jdiaz@unlp.edu.ar UNLP CA (Argentina) Tools used –CA offline: running Linux Debian stable, stored in a safe; OpenCA versión 0.9.2.5 (latest release), OpenSSL versión 0.9.7 using etokens-PRO de 32 K for holding private key of CA operators keep in a separate safe (with procedures for accessing the etoken and the passphrase) –CA online site In the Datacenter of the UNLP with access control, etc Behind a FW based on OpenBSD Traffic analyzer (on separate port SPAN using SNORT with a correlation tool such as: ossim/sguil/prelude

Download ppt "UNLP CA (Argentina) Universidad Nacional de La Plata Was created as a national university in 1905 Is the 3rd largest."

Similar presentations

1 APNIC Resource Certification Service Project Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam George Michaelson.

1 APNIC Resource Certification Service Project Routing SIG 7 Sep 2005 APNIC20, Hanoi, Vietnam George Michaelson.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Academia Sinica Grid Computing Certification Authority (ASGCCA) Yuan, Tein Horng Academia Sinica Computing Centre 13 June 2003.

Academia Sinica Grid Computing Certification Authority (ASGCCA) Yuan, Tein Horng Academia Sinica Computing Centre 13 June 2003.
CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.

CNIC Grid CA/SDG CA Self Audit Kejun (Kevin) Dong Computer Network Information Center (CNIC) Chinese Academy of Sciences APGridPMA F2F.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Www.eu-eela.org E-infrastructure shared between Europe and Latin America Dova, M.T., Grunfeld, C., Monticelli, F., Tripiana, M., Veiga, A. IFLP (CONICET-UNLP)

E-infrastructure shared between Europe and Latin America Dova, M.T., Grunfeld, C., Monticelli, F., Tripiana, M., Veiga, A. IFLP (CONICET-UNLP)
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.

Open Science Grid Use of PKI: Wishing it was easy A brief and incomplete introduction. Doug Olson, LBNL PKI Workshop, NIST 5 April 2006.
APNIC Trial of Certification of IP Addresses and ASes RIPE 52 Plenary George Michaelson Geoff Huston.

APNIC Trial of Certification of IP Addresses and ASes RIPE 52 Plenary George Michaelson Geoff Huston.
9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.

9/20/2000www.cren.net1 Root Key Cutting and Ceremony at MIT 11/17/99.
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
OpenVPN OpenVPN: an open source, cross platform client/server, PKI based VPN.

OpenVPN OpenVPN: an open source, cross platform client/server, PKI based VPN.
Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.

Digital Certificates Made Easy Sam Lutgring Director of Informational Technology Services Calhoun Intermediate School District.
UNAMgrid CA Juan Carlos Guel UNAM, México. Alejandro Núñez UNAM, México. Israel Becerril UNAM, México. DGSCA UNAM 31/08/06.

UNAMgrid CA Juan Carlos Guel UNAM, México. Alejandro Núñez UNAM, México. Israel Becerril UNAM, México. DGSCA UNAM 31/08/06.
NECTEC-GOC CA APGrid PMA face-to-face meeting. October, 15 2006 Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.

NECTEC-GOC CA APGrid PMA face-to-face meeting. October, Sornthep Vannarat National Electronics and Computer Technology Center, Thailand.
National Institute of Advanced Industrial Science and Technology Self-audit report of AIST GRID CA Yoshio Tanaka Information.

National Institute of Advanced Industrial Science and Technology Self-audit report of AIST GRID CA Yoshio Tanaka Information.
DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.

DataGrid WP6 CA meeting, CERN, 12 December 2002 IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of.

Similar presentations

Ads by Google