UPKI Activities - July 2008
NII & UPKI Initiative
Hideaki Sone, Tohoku University
UPKI Plan in FY 2008 (April-March)
• UPKI WG in NII
  – in collaboration with universities and “ac.jp” institutes
• Public PKI Layer
  – Server Certificate Project
  – Client Certificate (Study)
• Campus PKI Layer
  – Federation between Campus PKIs
  – Promotion of Campus PKI
  – R&D of Applications for Campus PKI
• Grid PKI
  – Cooperation with GOC (Grid Op Ctr)
Collaborating Campus PKI in FY 2008
[Figure: diagram of three layers. Public PKI Layer: Server Certificate, Client Certificate (study). Campus PKI Layer: federation with universities and international federations, LAN access, use in applications, university IdPs, NII IdP, hosting IdP, content such as CiNii and foreign e-journals. Grid PKI Layer: Grid Operation, Grid CA, domestic grid sites, foreign grid sites.]
Promotion of Campus PKI (AAI)
• Working groups (Chair: Okabe@Kyoto-u)
• NII Open-House, events, Seminars, caravan, lectures
• Collaboration with academic/research meetings
  – TERENA (REFEDS, TNC, etc.)
  – SWITCH (Shibboleth Fests)
  – APAN Middleware WG (-2008)
Federation between Campus PKIs “UPKI-Federation”
• Trial of Federating SSO over Shibboleth
  – Mixture of PKI + ID/PW auth.
  – IdPs + SPs in universities (+NII)
  – Automatic redirection
  – Mgmt policies for Japanese Univs
  – Start UPKI-Fed in 2009
Activities for “UPKI-Federation”
• 2006
  – Study of Shibboleth 1.3, SAML 2.0
• 2007
  – UPKI members visited SWITCH to learn SWITCH AAI.
  – NII invited Mr. Nate Klingenstein from Internet2 to support UPKI-Fed plan.
  – Development of Shib-PKI (DS Plug-in).
  – Development of Testbed including Shib-PKI Plug-in.
  – Overall Plan and Initial Policy Draft for UPKI-Fed
Server Certificate Project
• Trial (-- FY 2009)
  – Practical study on various cases
    • Fault certificate (cancel & re-issue)
    • Procedure for renewal (after expiration)
    • Virtual hosts, Mass (bulk) application (450)
  – Audit
  – Policies (CP, CPS, etc.) and models
    • 62 institutes, 492 certificates
  – Feedback, Survey
Number of Server Certificates
R&D of Applications for Campus PKI
• Network Access Roaming
  – eduroam (Operation, Promotion, R&D)
  – Roaming with Commercial ISPs
  – Next Generation
    • 1300 High-Edu’s in Japan, Access Ctrl, VPN, etc.
• UPKI Specifications (Std of Recmdn)
  – Sample CP/CPS guidelines
    • Time Cert., SSO, roaming VPN over SINET3
• S/MIME repository servers
UPKI Website
• www.upki-portal.jp
  – (Japanese literacy required)