Download presentation
Presentation is loading. Please wait.
Published byBertina Thomas Modified over 9 years ago
1
Insert Your Name Insert Your Title Insert Date Client Registration Examples Alan Frindell 2/18/2011
2
Certificate Entity: Implicit self-registration Server creates Entity record as a side effect of another KMIP request No special TTLV required – KMIP server extracts needed values from TLS certificate Assumed the client already has a cert signed by a CA trusted by KMIP server Result: Entity UUID: ABCD-1234 Credential Subject Type: X.509 Certificate Identifer Subject Value:, Subject Auth Info Type: X.509 Certificate Subject Auth Info: 2
3
Certificate Entity: Explicit self-registration Register Entity Credential Subject Type: X.509 Certificate Identifier x-custom1: custom-value1 x-custom2: custom-value2 Certificate fields extracted from TLS 3
4
Certificate Entity: Registration Register Entity Credential Subject Type: X.509 Certificate Identifier Subject Auth Info Type: X.509 Certificate Subject Auth Info: x-custom1: custom-value1 x-custom2: custom-value2 Assumed registering Entity has privilege to register Entities 4
5
Certificate Entity: Authentication and Access Control Authentication Credential Subject Type: X.509 Certificate Identifier Server looks up Entity based on TLS certificate information Server checks Entity UUID against request object Owner attribute 5
6
Username/Password User: Registration Register Entity Credential Subject Type: Username Subject Value: “user1” Subject Auth Info Type: Password Subject Auth Info: “password” x-custom1: custom-value1 x-custom2: custom-value2 6
7
Username/Password User: Authentication and Access Control Authentication Credential Subject Type: Username Subject Value: “user1” Subject Auth Info Type: Password Subject Auth Info: “password” Server looks up Entity based on Subject Value Server checks Entity UUID against request object Owner attribute 7
8
Multi-factor Entity: Registration Register Entity Credential Subject Type: Username Subject Value: “user1” Subject Auth Info Type: Password Subject Auth Info: “password” Credenital Subject Type: X.509 Certificate Identifier Subject Auth Info Type: X.509 Certificate Subject Auth Info: 8
9
Multi-factor Entity: Authentication Authentication Credential Subject Type: Username Subject Value: “user1” Subject Auth Info Type: Password Subject Auth Info: “password” Credenital Subject Type: X.509 Certificate Identifier Server looks up Entity based on each Subject Value – all must resolve to the same Entity Server checks Entity UUID against request object Owner attribute 9
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.