Interagency Advisory Board Meeting Agenda, July 28, 2010
|
|
- Godwin Singleton
- 6 years ago
- Views:
Transcription
1 Interagency Advisory Board Meeting Agenda, July 28, Opening Remarks 2 Research Collaboration in the Cloud: How NCI and Research Partners Are Improving Business Processes using Digital Identities (Sherry Ansher, NIH/NCI and Cindy Cullen CTO Safe Bio-Pharma) 3. Minimum Standards for Proof and Verification of Personal Identity (Graham Whitehead, NAPSO) 4. Planned Changes to the Federal PKI (Judy Spencer, FICAM Co-Chair) 5. The Status and Future Plans for the GSA Shared Service (Steve Duncan, MSO Director) 6. The ICAM Return on Investment (ROI) WG (Tim Gaines, ICAM Chair) 7. Proposed Federal Profile for SAML 2.0 for LOA 1 through 4(Tim Baldridge, FICAM AWG) 8. TSCP Implementation Pilots to demonstrate NTSIC Goals & Objectives (Keith Ward) 9. Closing Remarks
2 Federal PKI Authority SHA-256 Infrastructure Enhancement 28 July 2010 Judy Spencer Federal ICAM Subcommittee Co-Chair
3 Agenda New FPKI Root and Intermediate Certificates What are root and Intermediate certificates What is changing When is it coming What do you have to do Use of SHA-256 What is SHA-256 How is SHA-256 used How does it impact you What do you have to do Discussion 54
4 What are Root and Intermediate Certificates? A root certificate is a self-signed certificate issued by a Certification Authority (CA) Root CA A Relying Party (RP) Trusts a certificate if a valid path, which may include Intermediate Certificates, is known to a Root CA in the RP Trust Store. Federal Common Policy Framework (Common Policy) CA Root certificate used as a Public Federal PKI Trust Anchor Included in COTS products, as are other Commercial PKI Trust Anchors Intermediate certificates issued only to Federal Entity CAs Federal Bridge CA Cross-Certified with Common Policy CA Cross-Certified non-federal Entity CAs and legacy Federal CAs Not used as a Trust Anchor; used to provide policy mapping 55
5 New FPKI Certificates What is Changing? New CAs for Common Policy and the Federal Bridge New CA Directory Names (Issuer Names) Common: cn=federal Common Policy CA, ou=fpki, o=u.s. Government, c=us Bridge: cn=federal Bridge CA, ou=fpki, o=u.s. Government, c=us SHA-256 Signature Algorithm New Root and Intermediate/Cross CA certificates issued New URIs to access FPKI CA certificates and CRLs Provides real-time load balancing fpkia.gsa.gov (current) http.fpki.gov, ldap.fpki.gov, dsp.fpki.gov (new) 56
6 New FPKI Roots What is Changing? (Con t) Common root certificate in more COTS product trust stores FPKI MA applying to get it into lists ASAP e.g., Microsoft, Adobe, Java, Apple, Mozilla, Oracle TBD: Legacy Federal CAs moved from Bridge to Common FPKIPA reaching out to Legacy Federal CAs Decision by end of July
7 New FPKI Roots When is it coming? Sept 30, 2010: New Common and Bridge CAs online Q1 FY11: Reissue certificates The FPKI MA will issue new cross certificates from the new Common Policy CA to FBCA and all SSP CAs The FPKI MA will issue new Federal Bridge cross-certificates to all Affiliate CAs currently cross certified with the FBCA During September December Transition Period: There will be dual Common and Bridge roots (old and new) to allow time for relying party (client workstation) transition 58
8 New FPKI Roots What do you have to do? Review FDCC Guidance on managing PKI Trust Anchors Affiliate CAs Cross Certify with new Federal Bridge CA Push new Common Policy root and applicable Intermediate certificates to update end user trust stores Notify FPKI MA that push to users is complete FPKI MA will revoke legacy intermediate/cross-certificates 59
9 Agenda New FPKI Roots What is a root What is changing When is it coming? What do you have to do? Use of SHA-256 What is SHA-256 How is SHA-256 used? How does it impact you? What do you have to do? Discussion 60
10 Use of SHA-256 What is SHA-256? SHA-1 is a depreciated hash algorithm currently in use for certificate digital signatures SHA-256 is a stronger hash algorithm for digital signature Stronger than SHA-1 algorithm currently used in the FPKI NIST-Approved algorithm for certificate signature use NIST SP DRAFT Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes 61
11 Use of SHA-256 How is SHA-256 used? SHA-256 is used for digital signing A block of data is input into the SHA-256 Hash Algorithm to obtain a fixedsized bit stream that serves as the message authentication in the digital signature for content integrity. 62
12 Use of SHA-256 How it impacts you You will need to process SHA-256 based signatures New FPKI CA certificates will be signed using SHA-256 New FPKI CA CRLs will be signed using SHA-256 Secure correspondence will be signed using SHA-256 e.g., secure s between FPKI MA and Affiliates New PIV Authentication Certificates will be signed using SHA-256 New PIV Card Auth Certificates will be signed using SHA-256 New Digital Signature Certificates will be signed using SHA-256 New Encryption Certificates will be signed using SHA-256 New Device Certificates will be signed using SHA-256 New SSL/TLS Web Certificates will be signed using SHA
13 Use of SHA-256 What do you have to do The FPKI Policy Authority recommends the following: Review NIST SPs Part 1, , Inventory existing public key enabled applications within your Agency or Organization that use FPKI PIV certificates for authentication, digital signature, and or/ encryption Evaluate your application compatibility to process SHA-256 Verify COTS Vendor/Manufacturer support of SHA-256 Verify COTS product minimum required versions for SHA-256 support Obtain SHA-256 signed test certificates Create a Test Plan and evaluate applications that may be at risk for SHA-256 support. Voluntarily report testing results to idmanagement.gov 64
14 Agenda New FPKI Roots What is a root What is changing When is it coming? What do you have to do? Use of SHA-256 What is SHA-256 How is SHA-256 used? How does it impact you? What do you have to do? Discussion 65
Federal PKI. Trust Store Management Guide
Federal PKI Trust Store Management Guide V1.0 September 21, 2015 FINAL Disclaimer The Federal PKI Management Authority (FPKIMA) has designed and created the Trust Store Management Guide as an education
More informationPKI and FICAM Overview and Outlook
PKI and FICAM Overview and Outlook Stepping Stones 2001 FPKIPA Established Federal Bridge CA established 2003 E-Authentication Program Established M-04-04 E-Authentication Guidance for Federal Agencies
More informationInteragency Advisory Board Meeting Agenda, Wednesday, February 27, 2013
Interagency Advisory Board Meeting Agenda, Wednesday, February 27, 2013 1. Opening Remarks 2. Discussion on Revisions Contained in Draft SP 800-63-2 (Bill Burr, NIST) 3. The Objectives and Status of Modern
More informationInteragency Advisory Board Meeting Agenda, March 5, 2009
Interagency Advisory Board Meeting Agenda, 1. Opening Remarks (Tim Baldridge, NASA) 2. Federal Identity, Credential, and Access Management (ICAM) The Future of the Government s IDM Strategy (Judy Spencer,
More informationInteragency Advisory Board HSPD-12 Insights: Past, Present and Future. Carol Bales Office of Management and Budget December 2, 2008
Interagency Advisory Board HSPD-12 Insights: Past, Present and Future Carol Bales Office of Management and Budget December 2, 2008 Importance of Identity, Credential and Access Management within the Federal
More informationDirectTrust Governmental Trust Anchor Bundle Standard Operating Procedure
DirectTrust Governmental Trust Anchor Bundle Standard Operating Procedure Change Control Date Version Description of changes 15-December- 2016 1-December- 2016 17-March- 2016 4-February- 2016 3-February-
More informationInteragency Advisory Board Meeting Agenda, August 25, 2009
Interagency Advisory Board Meeting Agenda, August 25, 2009 1. Opening Remarks 2. Policy, process, regulations, technology, and infrastructure to employ HSPD-12 in USDA (Owen Unangst, USDA) 3. Policy and
More informationInteragency Advisory Board Meeting Agenda, Wednesday, May 23, 2012
Interagency Advisory Board Meeting Agenda, Wednesday, May 23, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Revision of the Digital Signature Standard (Tim Polk, NIST) 3. Update on Content
More informationInteragency Advisory Board Meeting Agenda, Wednesday, June 29, 2011
Interagency Advisory Board Meeting Agenda, Wednesday, June 29, 2011 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Using PKI to Mitigate Leaky Documents (John Landwehr, Adobe) 3. The Digital Identity
More informationInteragency Advisory Board Meeting Agenda, February 2, 2009
Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,
More informationInteragency Advisory Board Meeting Agenda, December 7, 2009
Interagency Advisory Board Meeting Agenda, December 7, 2009 1. Opening Remarks 2. FICAM Segment Architecture & PIV Issuance (Carol Bales, OMB) 3. ABA Working Group on Identity (Tom Smedinghoff) 4. F/ERO
More informationLeveraging HSPD-12 to Meet E-authentication E
Leveraging HSPD-12 to Meet E-authentication E Policy and an update on PIV Interoperability for Non-Federal Issuers December 2, 2008 Chris Louden IAB 1 Leveraging HSPD-12 to Meet E-Authentication E Policy
More informationStrategies for the Implementation of PIV I Secure Identity Credentials
Strategies for the Implementation of PIV I Secure Identity Credentials A Smart Card Alliance Educational Institute Workshop PIV Technology and Policy Requirements Steve Rogers President & CEO 9 th Annual
More informationFBCA Cross-Certificate Remover 1.11 User Guide
DoD Public Key Enablement (PKE) User Guide FBCA Cross-Certificate Remover Contact: dodpke@mail.mil URL: http://iase.disa.mil/pki-pke FBCA Cross-Certificate Remover 1.11 User Guide 12 February 2014 Version
More informationU.S. E-Authentication Interoperability Lab Engineer
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI
More informationUS Federal PKI Bridge. Ram Banerjee VP Vertical Markets
US Federal PKI Bridge Ram Banerjee VP Vertical Markets e-gov and PKI Drivers Government Paperwork Elimination and ESIGN Acts Public Expectations Long-term Cost Savings The Need for Privacy and Security
More informationInteragency Advisory Board Meeting Agenda, Tuesday, November 1, 2011
Interagency Advisory Board Meeting Agenda, Tuesday, November 1, 2011 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. FIPS 201-2 Update and Panel Discussion with NIST Experts in Q&A Session (Bill MacGregor
More informationHow does industry drive forward. SAFE-BioPharma Association
How does industry drive forward SAFE-BioPharma Association Topics! Topic C: Assurance levels, frameworks, interparty liability! Topic D: Device-specific methods: mobile; smartcards; browser DNT, etc. PKI,
More informationOperational Research Consultants, Inc. (ORC) Access Certificates For Electronic Services (ACES) Certificate Practice Statement Summary. Version 3.3.
Operational Research Consultants, Inc. (ORC) Access Certificates For Electronic Services (ACES) Certificate Practice Statement Summary Version 3.3.2 May 30, 2007 Copyright 2007, Operational Research Consultants,
More informationNext Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop
Next Generation Physical Access Control Systems A Smart Card Alliance Educational Institute Workshop PACS Integration into the Identity Infrastructure Salvatore D Agostino CEO, IDmachines LLC 8 th Annual
More informationInteragency Advisory Board Meeting Agenda, February 2, 2009
Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,
More informationInteragency Advisory Board Meeting Agenda, February 2, 2009
Interagency Advisory Board Meeting Agenda, February 2, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Mini Tutorial on NIST SP 800-116 AND PIV use in Physical Access Control Systems (Bill MacGregor,
More informationRevision 2 of FIPS 201 and its Associated Special Publications
Revision 2 of FIPS 201 and its Associated Special Publications Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov IAB meeting, December 4, 2013 FIPS 201-2
More informationLeveraging the LincPass in USDA
Leveraging the LincPass in USDA Two Factor Authentication, Digital Signature, Enterprise VPN, eauth Single Sign On February 2010 USDA Takes Advantage of the LincPass USDA is taking advantage of the LincPass
More informationFIPS and NIST Special Publications Update. Smart Card Alliance Webinar November 6, 2013
FIPS 201-2 and NIST Special Publications Update Smart Card Alliance Webinar November 6, 2013 Today s Webinar Topics & Speakers Introductions: Randy Vanderhoof, Executive Director, Smart Card Alliance FIPS
More informationTechnical Trust Policy
Technical Trust Policy Version 1.2 Last Updated: May 20, 2016 Introduction Carequality creates a community of trusted exchange partners who rely on each organization s adherence to the terms of the Carequality
More informationInteragency Advisory Board Meeting Agenda, April 27, 2011
Interagency Advisory Board Meeting Agenda, April 27, 2011 1. Open Remarks (Mr. Tim Baldridge, IAB Chair) 2. FICAM Plan for FIPS 201-2 (Tim Baldridge, IAB Chair and Deb Gallagher, GSA) 3. NSTIC Cross-Sector
More informationFPKIPA CPWG Antecedent, In-Person Task Group
FBCA Supplementary Antecedent, In-Person Definition This supplement provides clarification on the trust relationship between the Trusted Agent and the applicant, which is based on an in-person antecedent
More informationCryptologic and Cyber Systems Division
Cryptologic and Cyber Systems Division OVERALL BRIEFING IS Someone Scraped My Identity! Is There a Doctrine in the House? AF Identity, Credential, and Access Management (ICAM) August 2018 Mr. Richard Moon,
More informationOperated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA
Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA LANL s Multi-Factor Authentication (MFA) Initiatives NLIT Summit 2018 Glen Lee Network and Infrastructure Engineering
More informationDoD Identity & Access Management (IdAM) Portfolio Overview
DoD Identity & Access Management (IdAM) Portfolio Overview UNCLASSIFIED DISA Enterprise Services Directorate (ESD) 17 July 2013 Overview IdAM Concepts & IdAM Portfolio 7/15/13 UNCLASSIFIED 1 IdAM Overview
More informationState of the Industry and Councils Reports. Access Control Council
State of the Industry and Councils Reports Access Control Council Chairman: Lars R. Suneborn, Sr. Manager, Technical Marketing, Government ID, Oberthur Technologies Property of the Smart Card Alliance
More informationAbout & Beyond PKI. Blockchain and PKI. André Clerc Dipl. Inf.-Ing. FH, CISSP, CAS PM TEMET AG, Zürich. February 9, 2017
About & Beyond PKI Blockchain and PKI André Clerc Dipl. Inf.-Ing. FH, CISSP, CAS PM TEMET AG, Zürich February 9, 2017 1 Agenda Does blockchain secure PKIs in the longterm? Disadvantages of classic PKIs
More informationAssuring Identity. The Identity Assurance Framework CTST Conference, New Orleans, May-09
Assuring Identity The Identity Assurance Framework CTST Conference, New Orleans, May-09 Brett McDowell, Executive Director, Liberty Alliance email@brettmcdowell +1-413-652-1248 1 150+ Liberty Alliance
More informationAn Overview of Draft SP Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication
An Overview of Draft SP 800-157 Derived PIV Credentials and Draft NISTIR 7981 Mobile, PIV, and Authentication Hildegard Ferraiolo PIV Project Lead NIST ITL Computer Security Division Hildegard.ferraiolo@nist.gov
More informationSAML Metadata Signing gpolicy and Aggregation Practice Statement
SAML Metadata Signing gpolicy and Aggregation Practice Statement Draft ftframework Presented at REFEDS, 5 th December 2008 Rodney McDuff, The University of Queensland r.mcduff@uq.edu.au Viviani Paz, AAF
More informationNIST E-Authentication Guidance SP
NIST E-Authentication Guidance SP 800-63 Federal PKI TWG Feb. 18, 2004 Bill Burr william.burr@nist.gov NIST E-Authentication Tech Guidance OMB Guidance to agencies on E-Authentication OMB Memorandum M-04-04,
More informationDelivering Certificates or Trust Building Robust PKIs Alan T Liddle Msc BSc PgDip FBCS CEng CITP AMP MIMMM
Delivering Certificates or Trust Building Robust PKIs Alan T Liddle Msc BSc PgDip FBCS CEng CITP AMP MIMMM Trustis Limited Building 273 Greenham Business Park RG19 6HN Agenda Introduction PKI Standards
More informationA standard for High-Assurance Identity for Healthcare and Pharmaceutical e-transactions
A standard for High-Assurance Identity for Healthcare and Pharmaceutical e-transactions Viky Manaila Managing Director, Trans Sped SRL ETSI ESI Workshop 3rd December 2013 Sophia-Antipolis What is SAFE-BioPharma?
More informationg6 Authentication Platform
g6 Authentication Platform Seamlessly and cost-effectively modernize a legacy PACS to be HSPD-12 compliant l l l l Enrollment and Validation Application Authentication Modules Readers HSPD-12 Enrollment
More informationHigher Education PKI Initiatives
Higher Education PKI Initiatives (Scott Rea) Securing the ecampus - Hanover NH July 28, 2009 Overview What are the drivers for PKI in Higher Education? Stronger authentication to resources and services
More informationINFORMATION ASSURANCE DIRECTORATE
National Security Agency/Central Security Service INFORMATION ASSURANCE DIRECTORATE CGS Key Management Key Management is a service and process that provides, controls, and maintains the cryptographic keys,
More informationDBsign for HTML Applications Version 4.0 Release Notes
DBsign for HTML Applications Version 4.0 Release Notes Copyright 2010 Version 4.0 Copyright Notice: The Release Notes has a copyright of 2000-2010 by Gradkell Computers, Inc. This work contains proprietary
More informationInformation Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1
Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions
More informationSecurity and Certificates
Encryption, page 1 Voice and Video Encryption, page 6 Federal Information Processing Standards, page 6 Certificate Validation, page 6 Required Certificates for On-Premises Servers, page 7 Certificate Requirements
More informationGovernment PKI Factors Influencing Architecture for the Equal Employment Opportunity Commission
Government PKI Factors Influencing Architecture for the Equal Employment Opportunity Commission December 14, 2000 Steve Bruck Khurram Chaudry Francis Yuan 1 EEOC Business Cases for PKI Citizens complaints
More informationQUANTUM SAFE PKI TRANSITIONS
QUANTUM SAFE PKI TRANSITIONS Quantum Valley Investments Headquarters We offer quantum readiness assessments to help you identify your organization s quantum risks, develop an upgrade path, and deliver
More informationPKI-An Operational Perspective. NANOG 38 ARIN XVIII October 10, 2006
PKI-An Operational Perspective NANOG 38 ARIN XVIII October 10, 2006 Briefing Contents PKI Usage Benefits Constituency Acceptance Specific Discussion of Requirements Certificate Policy Certificate Policy
More informationQualys SAML & Microsoft Active Directory Federation Services Integration
Qualys SAML & Microsoft Active Directory Federation Services Integration Microsoft Active Directory Federation Services (ADFS) is currently supported for authentication. The Qualys ADFS integration must
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationE-Authentication Handbook for Federal Government Agencies
Version 3.0.0 May 04, 2005 Executive Summary This handbook presents general guidelines to Government Agencies planning to participate or already participating in the E-Authentication Initiative (Initiative).
More informationThe Benefits of EPCS Beyond Compliance August 15, 2016
The Trusted Source for Secure Identity Solutions The Benefits of EPCS Beyond Compliance August 15, 2016 Presenters Sheila Loy Director Healthcare Solutions HID Global Joe Summanen Technical Architect Nemours
More informationNational Identity Exchange Federation. Trustmark Signing Certificate Policy. Version 1.0. Published October 3, 2014 Revised March 30, 2016
National Identity Exchange Federation Trustmark Signing Certificate Policy Version 1.0 Published October 3, 2014 Revised March 30, 2016 Copyright 2016, Georgia Tech Research Institute Table of Contents
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
KEY DISTRIBUTION AND USER AUTHENTICATION Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman
More informationNATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY Standardization of Entity Authentication Assurance 5th ETSI Security Workshop 20-2222 January 2010 ETSI, Sophia Antipolis, France Erika McCallister, Esq.,
More informationA comparison between Public key authority and certification authority for distribution of public key
A comparison between Public key authority and certification authority for distribution of public key Gaurav Agarwal, Saurabh Singh Invertis Institute of Engineering and Technology, Bareilly (India) Abstract:
More informationX.509 Certificate Policy. For The Federal Bridge Certification Authority (FBCA)
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) September 10, 2002 Signature Page Chair, Federal Public Key Infrastructure Policy Authority DATE Table of Contents 1. INTRODUCTION...
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationSecure Solutions. EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible Cards Accessories
Secure Solutions l l l l BridgePointTM solutions that will take your security system to the next level EntryPointTM Access Readers TrustPointTM Access Readers EntryPointTM Single-Door System PIV-I Compatible
More informationBugzilla ID: Bugzilla Summary:
Bugzilla ID: Bugzilla Summary: CAs wishing to have their certificates included in Mozilla products must 1) Comply with the requirements of the Mozilla CA certificate policy (http://www.mozilla.org/projects/security/certs/policy/)
More informationDirectTrust Accredited Trust Anchor Bundle Standard Operating Procedure
DirectTrust Accredited Trust Anchor Bundle Standard Operating Procedure Change Control Date Version Description of changes 1-Sept-2016 1.5 Added requirements for post approval testing during initial interop
More informationDepartment of Defense Public Key Infrastructure
Department of Defense Public Key Infrastructure DoD Approved External PKIs Master Document Version 5.6 January 26, 2016 Prepared for: DoD PKI Program Management Office 9800 Savage Road Suite 6718 Fort
More informationNo More Excuses: Feds Need to Lead with Strong Authentication!
No More Excuses: Feds Need to Lead with Strong Authentication! Dr. Sarbari Gupta sarbari@electrosoft-inc.com Annual NCAC Conference on Cybersecurity March 16, 2016 Electrosoft Services, Inc. 1893 Metro
More informationAxway Validation Authority Suite
Axway Validation Authority Suite PKI safeguards for secure applications Around the world, banks, healthcare organizations, governments, and defense agencies rely on public key infrastructures (PKIs) to
More informationHelping Meet the OMB Directive
Helping Meet the OMB 11-11 Directive March 2017 Implementing federated identity management OMB Memo 11-11 Meeting FICAM Objectives Figure 1: ICAM Conceptual Diagram FICAM Targets Figure 11: Federal Enterprise
More informationTen Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier
Presented by Joshua Schiffman & Archana Viswanath Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier Trust Models Rooted Trust Model! In a
More informationSecurity Secure Information Sharing
ASD Convention Workshop 6 e-standards: a Strategic Asset across the Value Chain Security Secure Information Sharing Steve SHEPHERD Executive Director UK CeB Istanbul, 6 October 2011 1 Information security
More informationDepartment of Defense Public Key Infrastructure
Department of Defense Public Key Infrastructure DoD Approved External PKIs Master Document Version 4.6.1 22 August 2014 Prepared for: DoD PKI Program Management Office (PMO) Prepared by: Booz Allen Hamilton
More informationFIPS and Mobility (SP Derived PIV Credentials) Sal Francomacaro FIPS201/PIV Team NIST ITL Computer Security Division
FIPS 201-2 and Mobility (SP 800-157 Derived PIV Credentials) Sal Francomacaro FIPS201/PIV Team NIST ITL Computer Security Division salfra@nist.gov 2013 Smart Card Alliance Member Meeting Coral Gables,
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 11: Public Key Infrastructure Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Public key infrastructure Certificates Trust
More informationDerived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research
1 NISTIR 8055 (Draft) 2 3 4 5 Derived Personal Identity Verification (PIV) Credentials (DPC) Proof of Concept Research 6 Michael Bartock 7 Jeffrey Cichonski 8 Murugiah Souppaya 9 Paul Fox 10 Mike Miller
More informationCERTIFICATE POLICY CIGNA PKI Certificates
CERTIFICATE POLICY CIGNA PKI Certificates Version: 1.1 Effective Date: August 7, 2001 a Copyright 2001 CIGNA 1. Introduction...3 1.1 Important Note for Relying Parties... 3 1.2 Policy Identification...
More informationSymantec Non-Federal Shared Service Provider PKI. Certification Practice Statement
Symantec Non-Federal Shared Service Provider PKI Certification Practice Statement A Symantec Trust Network CA Version 2.0 September 15, 2017 (Portions of this document have been redacted.) Symantec Corporation
More informationNew Security Features in DLMS/COSEM
New Security Features in DLMS/COSEM A comparison to the Smart Meter Gateway Workshop on Power Line Communications 2015 (HRW), Robin Massink (DNV GL), Gerd Bumiller (HRW) 21.09.2015 21.09.2015 1 Initiated
More informationCryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea
Cryptography SSL/TLS Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 History Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent
More informationDIGITALSIGN - CERTIFICADORA DIGITAL, SA.
DIGITALSIGN - CERTIFICADORA DIGITAL, SA. TIMESTAMP POLICY VERSION 1.1 21/12/2017 Page 1 / 18 VERSION HISTORY Date Edition n.º Content 10/04/2013 1.0 Initial drafting 21/12/2017 1.1 Revision AUTHORIZATIONS
More informationEstablishing Trust Across International Communities
Establishing Trust Across International Communities 6 Feb 2013 info@federatedbusiness.org www.federatedbusiness.org Proprietary - British Business Federation Authority 1 Strategic Drivers - Industry 1.
More informationInteragency Advisory Board Meeting Agenda, Wednesday, April 24, 2013
Interagency Advisory Board Meeting Agenda, Wednesday, April 24, 2013 1. Opening Remarks 2. A Security Industry Association (SIA) Perspective on the Cost and Methods for Migrating PACS Systems to Use PIV
More informationFederated Access. Identity & Privacy Protection
Federated Access Identity & Privacy Protection Presented at: Information Systems Security Association-Northern Virginia (ISSA-NOVA) Chapter Meeting Presented by: Daniel E. Turissini Board Member, Federation
More informationFederal Identity, Credential, and Access Management Trust Framework Solutions
Federal Identity, Credential, and Access Management Trust Framework Solutions Trust Framework Provider Adoption Process (TFPAP) for Levels of Assurance 1, 2, 3 and 4 Version 1.1.0 Document History Status
More informationPublic Key Infrastructure
Public Key Infrastructure Ed Crowley Summer 11 1 Topics Public Key Infrastructure Defined PKI Overview PKI Architecture Trust Models Components X.509 Certificates X.500 LDAP 2 Public Key Infrastructure
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.3 Effective
More informationSECURING MOBILITY. Through the Canadian Medium Assurance Solutions Program. ICMC May Greg Hills Director, Architecture and Technology Assurance
SECURING MOBILITY Through the Canadian Medium Assurance Solutions Program ICMC May 2016 Greg Hills Director, Architecture and Technology Assurance PAGE 1 INTRODUCTION Basic, Medium, and High Assurance
More informationScaling Interoperable Trust through a Trustmark Marketplace
Scaling Interoperable Trust through a Marketplace John Wandelt Georgia Tech Research Institute This work was performed under the following financial assistance award 70NANB13H189 from the U.S. Department
More informationPKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures
Public Key Infrastructures Public Key Infrastructure Definition and Description Functions Components Certificates 1 2 PKI Services Security Between Strangers Encryption Integrity Non-repudiation Key establishment
More informationElaine Barker and Allen Roginsky NIST June 29, 2010
Elaine Barker and Allen Roginsky NIST June 29, 2010 Background: Cryptography is used to protect sensitive information Attackers are becoming smarter, and computers are becoming more powerful Many commonly
More informationInteragency Advisory Board Meeting Agenda, December 7, 2009
Interagency Advisory Board Meeting Agenda, December 7, 2009 1. Opening Remarks 2. FICAM Segment Architecture & PIV Issuance (Carol Bales, OMB) 3. ABA Working Group on Identity (Tom Smedinghoff) 4. F/ERO
More informationPublic Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman
Public Key Infrastructure PKI National Digital Certification Center Information Technology Authority Sultanate of Oman Agenda Objectives PKI Features etrust Components Government eservices Oman National
More informationX.509. CPSC 457/557 10/17/13 Jeffrey Zhu
X.509 CPSC 457/557 10/17/13 Jeffrey Zhu 2 3 X.509 Outline X.509 Overview Certificate Lifecycle Alternative Certification Models 4 What is X.509? The most commonly used Public Key Infrastructure (PKI) on
More informationInteragency Advisory Board Meeting Agenda, Wednesday, July 27, 2011
Interagency Advisory Board Meeting Agenda, Wednesday, July 27, 2011 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. A TWIC Program Status and Update (John Schwartz, TSA) 3. CAC/PKI Logon to Warriorgateway.org
More informationKeep your fingers off my keys today & tomorrow
SIGS SE February 2017 Keep your fingers off my keys today & tomorrow Marcel Dasen VP Engineering Securosys SA Keys? Encryption keys asymmetric e.g. RSA, ECC public/private key pairs for wrapping symmetric
More informationDoD Wireless Smartphone Security Requirements Matrix Version January 2011
DoD Wireless Smartphone Security s Matrix Version 3.5 21 January 2011 1 This matrix was developed by Defense Information Systems Agency Field Security Operations (DISA FSO) and is an unofficial compilation
More informationApple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 1.0 Effective Date: March 12, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More informationApple Inc. Certification Authority Certification Practice Statement. Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Version 4.0 Effective Date: September 18, 2013 Table of Contents
More informationIntroduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution
Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution Egemen K. Çetinkaya Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University
More informationCertification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive
Certification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive Asseco Data Systems S.A. Podolska Street 21 81-321 Gdynia, Poland Certum - Powszechne
More informationAeroMACS Public Key Infrastructure (PKI) Users Overview
AeroMACS Public Key Infrastructure (PKI) Users Overview WiMAX Forum Proprietary Copyright 2019 WiMAX Forum. All Rights Reserved. WiMAX, Mobile WiMAX, Fixed WiMAX, WiMAX Forum, WiMAX Certified, WiMAX Forum
More informationNational Identity Exchange Federation. Terminology Reference. Version 1.0
National Identity Exchange Federation Terminology Reference Version 1.0 August 18, 2014 Table of Contents 1. INTRODUCTION AND PURPOSE... 2 2. REFERENCES... 2 3. BASIC NIEF TERMS AND DEFINITIONS... 5 4.
More information