client registration examples
Download
Skip this Video
Download Presentation
Client Registration Examples

Loading in 2 Seconds...

play fullscreen
1 / 9

Client Registration Examples - PowerPoint PPT Presentation


  • 140 Views
  • Uploaded on

Client Registration Examples. Alan Frindell 2/18/2011. Certificate Entity: Implicit self-registration. Server creates Entity record as a side effect of another KMIP request No special TTLV required – KMIP server extracts needed values from TLS certificate

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Client Registration Examples' - bert


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
client registration examples

Client Registration Examples

Alan Frindell

2/18/2011

certificate entity implicit self registration
Certificate Entity: Implicit self-registration
  • Server creates Entity record as a side effect of another KMIP request
  • No special TTLV required – KMIP server extracts needed values from TLS certificate
  • Assumed the client already has a cert signed by a CA trusted by KMIP server
  • Result:

Entity

UUID: ABCD-1234

Credential

Subject Type: X.509 Certificate Identifer

Subject Value: <serial_number>, <issuer_dn>

Subject Auth Info Type: X.509 Certificate

Subject Auth Info: <certificate>

certificate entity explicit self registration
Certificate Entity: Explicit self-registration
  • Register
    • Entity
      • Credential
        • Subject Type: X.509 Certificate Identifier
      • x-custom1: custom-value1
      • x-custom2: custom-value2
  • Certificate fields extracted from TLS
certificate entity registration
Certificate Entity: Registration
  • Register
    • Entity
      • Credential
        • Subject Type: X.509 Certificate Identifier
        • Subject Auth Info Type: X.509 Certificate
        • Subject Auth Info: <certificate>
      • x-custom1: custom-value1
      • x-custom2: custom-value2
  • Assumed registering Entity has privilege to register Entities
certificate entity authentication and access control
Certificate Entity: Authentication and Access Control
  • Authentication
    • Credential
      • Subject Type: X.509 Certificate Identifier
  • Server looks up Entity based on TLS certificate information
  • Server checks Entity UUID against request object Owner attribute
username password user registration
Username/Password User: Registration
  • Register
    • Entity
      • Credential
        • Subject Type: Username
        • Subject Value: “user1”
        • Subject Auth Info Type: Password
        • Subject Auth Info: “password”
      • x-custom1: custom-value1
      • x-custom2: custom-value2
username password user authentication and access control
Username/Password User: Authentication and Access Control
  • Authentication
    • Credential
      • Subject Type: Username
      • Subject Value: “user1”
      • Subject Auth Info Type: Password
      • Subject Auth Info: “password”
  • Server looks up Entity based on Subject Value
  • Server checks Entity UUID against request object Owner attribute
multi factor entity registration
Multi-factor Entity: Registration
  • Register
    • Entity
      • Credential
        • Subject Type: Username
        • Subject Value: “user1”
        • Subject Auth Info Type: Password
        • Subject Auth Info: “password”
      • Credenital
        • Subject Type: X.509 Certificate Identifier
        • Subject Auth Info Type: X.509 Certificate
        • Subject Auth Info: <certificate>
multi factor entity authentication
Multi-factor Entity: Authentication
  • Authentication
    • Credential
      • Subject Type: Username
      • Subject Value: “user1”
      • Subject Auth Info Type: Password
      • Subject Auth Info: “password”
    • Credenital
      • Subject Type: X.509 Certificate Identifier
  • Server looks up Entity based on each Subject Value – all must resolve to the same Entity
  • Server checks Entity UUID against request object Owner attribute
ad