1 / 17

Inside the PKI Framework: * Activating the Puzzle Pieces

Discover the technical and policy developments in the PKI framework at the PKI Summit in Snowmass. Learn about the parallelism and opportunities to build on existing infrastructure. Explore the use of digital certificates in web applications. Find out how CREN can add value with CA services.

mariaabraham
Download Presentation

Inside the PKI Framework: * Activating the Puzzle Pieces

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Inside the PKI Framework: * Activating the Puzzle Pieces PKI Summit Snowmass August 10 2001

  2. 3. Web Lite & Ultra-Lite PKI Services Themes —(1)Parallelism and (2) Build on What We Have… 1. Technical developments (TAG) 2. Policy Developments (PAG) www.cren.net

  3. PKI is a complex set of technologies — Thus lots of pieces... Theme #3: Time to Get Started...

  4. Inter-library Loan Requests Student Registration Transcripts Faculty to see grade reports, etc Students to see their grade reports Housing Lottery HR Self Service E-commerce Access to Class or Departmental Materials Access to journals from non-campus machines Portal Authentication Network Requests Sample Uses of Digital Certificates with Web Applications from Campuses From HEPKI-TAG /J. Jokl Chart www.cren.net

  5. What Can CREN Bring to this Space? • Educational Services • CA Higher education services, tailored to and responsive to higher education www.cren.net

  6. Adding Value with CREN CA Services • Intra-campus Services - Web Server Certificates • Support secure web server applications and services • Solves need for secure authorization for campus services • Inter-Institutional Services - Institutional Certs • Support secure and convenient access to learning and research materials anywhere and anytime • Solves messy problems associated with proxy servers • Certifies Campus Certificates for many purposes • Both Campus and Inter-Institutional Services - Institutional Certs • Support secure and signed email • Solves problems of sending documents and communications securely and with integrity www.cren.net

  7. PKI Landscape…The Campus Infrastructure for Digital Certs Campus Services - Authorization - Signed, Secure Email CREN CA Institutional Certificate Service Campus Infrastructure - Know Your People - Issue Digital Certificates - Setup Secure Servers Web Server Certs Service www.cren.net

  8. Core PKI Pieces - Campus Packaging www.cren.net

  9. Supporting CA Services Overview • Policy work • Supporting the HE_CP Work • Update CREN CPS (January 27, 2000) • Educational Services - Seminars, etc • Getting Started Projects • Certificate Repository www.cren.net

  10. CA Educational Services - 2001 • Seminars • Directories and Certificate Authority Services • January and June 2001 • Supported by NSF • Almost 100 institutions represented... • Survey on state of implementation at campuses... • Frequently Asked Questions (FAQ) Series • PKI Infrastructure (1999) • Institutional Directories (April, 2000) www.cren.net

  11. CA Educational Services - What’s Next? • Seminars • Directories and Certificate Authority Services • More being planned… • Clear requests/feedback on what to do next... • Web site updating • CA Bulletins - Examples • Loading Root Certificates • Accessing JSTOR with Digital Certificates • TechTalks... www.cren.net

  12. CREN CA Web Server Certificates • Available now • Self-signed root issued on July 12, 2001, valid until July 10, 2009 • Issued to institutions via existing institutional technical contacts • One contact/conduit per institution • Quick turnaround after CSR is received • Users will load CREN root into browser - See “Root Bulletin” and web site www.cren.net

  13. Getting Started with Dig Certs - The JSTOR Project • Goal: • Use digital certificates to access JSTOR • Draft Bulletin… • Project supported by Mellon • A PKI-Lite Project using rudimentary level of assurance (LOA) • Project just redesigned over last two weeks • Org Committee recommended to focus on librarians and 2-3 content providers www.cren.net

  14. Getting Started with Dig Certs - The JSTOR Project • Meeting at Internet2/Austin • Institutions with IT people and librarians who work well together • Invite 14-15 institutions • Proposed scope of project... • Issue 50 -250 certificates to needy faculty, students • Develop materials to enthuse and disseminate information and opportunity • Report on projects at Spring CNI www.cren.net

  15. Getting Started with Dig Certs - The JSTOR Project • JSTOR is ready — is digital certificate-enabled with a log-in url ready • Applies three tests to certificates • Is the issuer of certificate, such as U of Minn in their current licensee database? • Is the certificate a valid certificate, in that it has not expired? • Is the certificate a valid certificate — does it contain a valid chain to a recognized root, i.e. CREN? www.cren.net

  16. The Campus Infrastructure and Link to Content Providers Campus Uses - Authorization - Signed, Secure Email CREN CA Institutional Certificate Service Campus Infrastructure - Know Your People - Issue Digital Certificates - Setup Secure Servers Content Providers - Non-Profit - For-Profit - University Databases Web Server Certs Service www.cren.net

  17. Making progress… “Because it is Time” www.cren.net

More Related