1 / 6

Digital Credential for Higher Education

Digital Credential for Higher Education. John Gardiner 202-973-6618 jgardiner@verisign.com August 11, 2004. Program Benefits . A shared PKI infrastructure to promote interoperability among higher education institutions at a significantly reduced cost.

tyne
Download Presentation

Digital Credential for Higher Education

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Digital Credential for Higher Education John Gardiner 202-973-6618 jgardiner@verisign.com August 11, 2004

  2. Program Benefits • A shared PKI infrastructure to promote interoperability among higher education institutions at a significantly reduced cost. • Cost effectively offer Educause member organizations ability to leverage one PKI system, contract vehicle, and a standard policy • Shared Educause Member CA and associated policy • Rapid Implementation • Cross-certification with HEBCA and FBCA for interoperability with other non-member Universities • Pre-negotiated and Standardize Contract (MSA) for Education • Leveraging buying power across all members

  3. PKI Offering • Managed PKI for SSL Global, Standard, and Intranet • SSL Certificates Issues from one control center. • Each Member have it own Managed PKI for SSL Account. • Educause PKI • Each Member can leverage the Educause root CA but has it’s own dedicated Sub-CA. • VeriSign Trust Network with use of Global Directory • Premium Options Include: • Key Management for Key Escrow • Premium Validation - OCSP • Gold Support Plan • 2 Admin Kits • Auto Enrollment Kit

  4. VeriSign Managed PKI Service • Core Managed PKI Service • Create and host enterprise Certificate Authorities (CAs) • Manage the lifecycle of digital certificates (i.e., approve, issue, revoke, renew, recover and audit certificates) • MPKI Service Includes • VeriSign PKI services, support, maintenance, software upgrades, and PKI system back-ups • VeriSign-supplied FIPS 140-1 Level 3 Certificate Signing Unit (CSU) • Local Hosting Module • Automated Administration Hardware (Luna token and reader) • Disaster Recovery for CA • Gold Support Plan – Including 90 day test Pilot System. • Service Level Agreements

  5. VeriSign Global Repository VeriSign Class 2 PCA VeriSign/Educause Member CA FBCA University of Texas CA University #1 Sub CA University #2 Sub CA University #3 Sub CA Higher Ed PKI Architecture Proposal #2 HEBCA • Interoperability via common VeriSign Root CA • All certificates posted in VeriSign global directory in addition to individual university directories • Common Educause member CA policy subordinate to VeriSign VTN policy-- Educause branding/site seal • Shared CA with keys stored on FIPS 140-1 Level 3 hardware. CA domain partitioned with each university having RA access over its piece of the CA domain. • Cross certification with HEBCA and FBCA at Shared CA level (Requires Sub CA Cert Profile reconfiguration and AUDIT of sub RA operations)

  6. Questions?

More Related