1 / 16

Deploying Key Management on NDN Testbed

Deploying Key Management on NDN Testbed. Simplified users public key certification. Objective / Goal. Simplify (yet keep secure) public key certificate process simple for NDN testbed users to submit application for certificate and retrieve certificate (if approved)

giulio
Download Presentation

Deploying Key Management on NDN Testbed

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Deploying Key Management on NDN Testbed Simplified users public key certification

  2. Objective / Goal • Simplify (yet keep secure) public key certificate process • simple for NDN testbed users to submit application for certificate and retrieve certificate (if approved) • simple for NDN testbed site operators to approve, issue and publish certificates • Sounds simple

  3. Name conventions for NDN certificates • Certificate namespace based on institutional email address* • tom@cs.ucla.edu-> /ndn/edu/ucla/cs/tom • Request to approve certificate within institutional namespace are automatically directed to NDN site’s operator • UCLA operator for tom@cs.ucla.edu (/ndn/edu/ucla/cs/tom) • WashU operator for bob@wustl.edu (/ndn/edu/wustl) • * Non-institutional addresses and addresses of institutions that are not part of testbedassigned guest NDN namespace: • alex@gmail.com -> /ndn/guest/alex@gmail.com

  4. Certification system overview download requests submit certification requests ② ① ③ ④ upload approved certificates download issued certificates

  5. User guide • Go to http://ndncert.named-data.net, initiate certification by submitting email address • Check mailbox and click to open certification submission page • Generate certification request in the specified namespace (derived from email) • Submit name, other information to associate with the certificate, and public key • Wait for email notification of the approval by the site’s operator • Follow the instructions to install the issued certificate

  6. 1. Go to http://ndncert.named-data.net and initiate certification by submitting email address

  7. 2. Check mailbox and click to open certification submission page

  8. 3. Generate certification request in the specified namespace (derived from email)

  9. 4. Submit name, other information to associate with the certificate, and public key

  10. 5. Wait for the approval by the site’s operator

  11. 6. Check mailbox and follow the instructions to install the issued certificate

  12. Congratulations • You now have an NDN Testbed certificate for your public key • ChronoChat is a first app that makes use of these certificates • http://named-data.net/download/

  13. Operators guide • Wait for notification about users’ certification request(s) • Log in (ssh) to the certification host • Run ‘ndnop-process-requests’ command and make decisions to approve/reject request

  14. 1. Wait for notification about users’ certification request(s)

  15. 2. Log in (ssh) to the certification host

  16. 3. Run ‘ndnop-process-requests’ command and make decisions to approve/reject request

More Related