1. Public Key Infrastructure
Definition:
A public key infrastructure (PKI) is an arrangement that provides for
• trusted third party vetting of,
• and vouching for,
• user identities.
Note: Broadly, vetting is a process of examination and evaluation.
1.1. Purpose and Function
• PKI arrangements enable computer users to be authenticated
• and to use each other's public keys,
• which allows them to encrypt and decrypt messages sent between sender and receiver.
1.2. Certificate History
Stolen from: http://www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf
• Why is X.509 PKI so complicated?
• The original paper on public-key encryption proposed the Public File
  — public-key white pages
  — key present -> valid
  — communications were protected by a signature
• Straightforward in 1976 - not today
1.3. X.500
• X.500 proposed various access control mechanisms
• a series of computer networking standards
  — DAP (Directory Access Protocol)
  — DSP (Directory System Protocol)
  — DISP (Directory Information Shadowing Protocol)
  — DOP (Directory Operational Bindings Management Protocol)
• the presentation given to users was that the DNS site name "www.foobar.com" was verified in a browser,
• i.e. the user has reached the correct web site via HTTPS.
• CA certs are loaded into the browser statically,
• so the browser can verify the SSL cert of the website.
1.4. Use Case
Skip :)
1.5. Ten Risks of PKI
Computer security has been a victim of the "year of the..." syndrome. First it was firewalls, then intrusion
detection systems, then VPNs, and now certification authorities (CAs) and public-key infrastructure (PKI).
"If you only buy X," the sales pitch goes, "then you will be secure." But reality is never that simple, and
that is especially true with PKI.
1.6. Risk 1
"Who do we trust, and for what?" There's a risk from an imprecise use of the word "trust." A CA is often
defined as trusted.
1.7. Risk 2
Who is using my key?
1.8. Risk 3
How secure is the verifying computer?
1.9. Risk 4
Which John Robinson is he?
1.10. Risk 5
Is the CA an authority?
1.11. Risk 6
Is the user part of the security design?
1.12. Risk 7
Was it one CA or a CA plus a Registration Authority?
1.13. Risk 8
How did the CA identify the certificate holder?
1.14. Risk 9
How secure are the certificate practices?
1.15. Risk 10
Why are we using the CA process, anyway?
1.16. Call for Papers
** Apologies for multiple copies **
Final Call For Papers
Fourth European PKI Workshop: Theory and Practice (EuroPKI'07)
28-30 June 2007
Palma de Mallorca, Balearic Islands, Spain
http://dmi.uib.es/europki07
The 4th European PKI Workshop: Theory and Practice is focusing on all
research aspects of Public Key Applications, Services and Infrastructures.
Submitted papers may present theory, applications or practical experiences
on topics including, but not limited to:
- Architecture and Modeling
- Authentication
- Authorization and Delegation
- Bridge CA
- Case Studies
- Certificate Status
- Certification Policy
- Certification Practices
- Cross Certification
- Directories
- eCommerce/eGovernment
- Evaluation
- Fault-Tolerance
- Federations
- ID-based schemes
- Identity Management
- Implementations
- Interoperability
- Key Management
- Legal issues
- Long-time archiving
- Mobile PKI
- Policies & Regulations
- Privacy
- Privilege Management
- Protocols
- Reliability in PKI
- Repositories
- Risk/attacks
- Standards
- Timestamping
- Trust
- Ubiquitous scenarios
- Verification
* Instructions for paper submission
The Workshop welcomes original papers from academic, government, and
industry contributors dealing with the above or related issues. Papers which
describe ongoing research or provide an excellent surveying work are
welcome too. All submissions will be subjected to a thorough blind review by
at least three reviewers. Papers should be up to 6000 words in English,
including references and well-marked appendices.
Like in all previous EuroPKI events, it is planned that accepted papers are
published by Springer in the Lecture Notes in Computer Science (LNCS)
series.
To submit a paper, please follow instructions on the Workshop webpage.
Note that the submitted paper (PDF or PostScript format), must follow the
template indicated at (http://www.springer.de/comp/lncs/authors.html)
by Springer, starting with a title, a short abstract, and a list of keywords,
with no author names, affiliations, acknowledgements, nor obvious references.
* Special Issue
A Special Issue of EuroPKI 2007 with extended versions of the best papers
of the workshop will be published in the "Journal of Computer Security"
(http://www.iospress.nl/loadtop/load.php?isbn=0926227x), IOS Press.
Note also that those selected papers will need to undergo another round
of review.
* Important dates
Submission of papers: February 28, 2007
Notification to authors: March 30, 2007
Camera-ready copies: April 16, 2007
* Programme Committee co-Chairs
Javier Lopez, University of Malaga, Spain
Pierangela Samarati, University of Milan, Italy
* General Chair
Jose L. Ferrer, University of Balearic Islands, Spain
* Programme Committee:
Carlisle Adams, University of Ottawa, Canada
Oscar Canovas, University of Murcia, Spain
Sabrina De Capitani di Vimercati, University of Milan, Italy
David Chadwick, University of Kent, UK
Marco Cremonini, University Of Milan, Italy
Jorge Davila, UPM, Spain
Ed Dawson, QUT, Australia
Stephen Farrell, Trinity College Dublin, Ireland
Jordi Forne, Polytechnic University of Catalonia, Spain
Dieter Gollmann, Hamburg University of Technology, Germany
Stefanos Gritzalis, University of Aegean, Greece
Dimitris Gritzalis, AUEB, Greece
Socrates Katsikas, University of Aegean, Greece
Stephen Kent, BBN Technologies, USA
Kwangjo Kim, ICU, Korea
Chi-Sung Laih, National Cheng Kung University, Taiwan
Antonio Lioy, Politecnico di Torino, Italy
Fabio Martinelli, IIT-CNR, Italy
Apol.lonia Martinez, University of Balearic Islands, Spain
Fabio Massacci, University of Trento, Italy
Stig F. Mjølsnes, NTNU, Norway
Jose A. Montenegro, University of Malaga, Spain
Yi Mu, University of Wollongong, Australia
Rolf Oppliger, eSecurity, Switzerland
Eiji Okamoto, University of Tsukuba, Japan
Guenther Pernul, University of Regensburg, Germany
Bart Preneel, Katholieke Univ. Leuven, Belgium
Chunming Rong, University of Bergen, Norway
Kouichi Sakurai, Kyushu University, Japan
Ravi Sandhu, George Mason University, USA
Damien Sauveron, University of Limoges, France
Sean Smith, Dartmouth College, USA
Julien Stern, Cryptolog, France
Jianying Zhou, I2R, Singapore
Sencun Zhu, Penn State University, USA
* Links to previous EuroPKI events
- EuroPKI'06: http://security.polito.it/europki2006/
- EuroPKI'05: http://sec.isi.salford.ac.uk/europki2005/index.shtml
- EuroPKI'04: http://www.aegean.gr/EuroPKI2004/