Pki implementation at the university of wisconsin madison
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

PKI Implementation at the University of Wisconsin-Madison PowerPoint PPT Presentation


  • 71 Views
  • Uploaded on
  • Presentation posted in: General

PKI Implementation at the University of Wisconsin-Madison. CIC Presentation Nicholas A. Davis November 7, 2005. Overview. AuthN/Z at UW-Madison Quick outline of PKI technology Why the UW-Madison uses PKI History of PKI at UW-Madison How the technology is being used

Download Presentation

PKI Implementation at the University of Wisconsin-Madison

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Pki implementation at the university of wisconsin madison

PKI Implementation at the University of Wisconsin-Madison

CIC Presentation

Nicholas A. Davis

November 7, 2005


Overview

Overview

AuthN/Z at UW-Madison

Quick outline of PKI technology

Why the UW-Madison uses PKI

History of PKI at UW-Madison

How the technology is being used

Current challenges

On the horizon

Q&A session


Communities served by uw madison authnz

Communities Served by UW-Madison AuthNZ


Outline of pki technology

Outline of PKI technology

PKI - Acronym for Public Key Infrastructure

Confidentiality

Authenticity

Integrity

Non-repudiation

The Infrastructure portion of PKI


Why uw madison uses pki

Why UW-Madison uses PKI

HIPAA

FERPA

Research activities

Open network

Higher education PKI partners

Help and learn from Internet2, Educause and CIC


Uw madison pki activity

2002 – Present

Provided Digital Certs to Shibboleth Testing Community

2003 – Present

Pilot CA service made available to selective applications

Spring - 2005

Presentation to DoIT CIO’s Office relating to PKI technical findings and costs

September 2000

Created PKILab with CS and others

2001

IAIMS Secure Email Pilot

Fall 2003

CA server installed in production

Summer 2004

Campus Requirements Gathering and RFI

Sept. 2005

End user cert

Deployment

2002

Participated in Federal Bridge Pilot Project

UW-Madison PKI Activity

2000


Pki infrastructure

PKI infrastructure

The U.W.-Madison PKI is co-managed

Time to implement

Cost to implement

Off site key backup

The Equifax Secure Ebusiness CA1

Ability to migrate easily to in house solution


How the technology is being used

How the technology is being used

Faculty – Staff – Students

120 “Early Adopters”

Cryptographic USB devices

Windows and Macintosh

Digitally sign files and email

Encrypt email and attachments

Outlook, Outlook Express, Thunderbird and Mail.app


The look of uw madison digital certificiates

The look of UW-Madison digital certificiates


Case examples

Case Examples

UW-Madison Survey Center

University Health Services

Division of Information Technology

Social Sciences

Various Help Desks across campus


Current challenges

Current challenges

Decentralized IT environment

Cost

Reaching critical mass

Education

Scaling

User management and CRLs


The cost of not doing pki

The cost of not doing PKI

University of California at Berkeley

Stanford University

University of Tennessee

George Mason University

Qualcomm


On the horizon

On the horizon

Proposed digital signing of mass emails

Proposed authentication to “high value” workstations and servers

Proposed SSL certificates

Convergence of other authentication technologies

Digital signing as a replacement for ink signatures?


Critical success factors

Critical success factors

Transparency to the end users

Ease of administration

A clear roadmap and menu of service offerings

Organizational awareness and education

Top down management support and awareness of the complexity related to PKI policy

A willingness to understand that rolling out a PKI is an iterative process of continuous improvement


Summary

Summary

UW-Madison went live with PKI in September, 2005

Macintosh and Windows

Email and file encryption and signing

PKI as a technology suffers in general from several implementation challenges

Running a successful PKI is an iterative process with some degree of fluidity

Benefits of implementing a PKI far outweigh the risks of not having a PKI


Questions and feedback

Questions and feedback

www.doit.wisc.edu/middleware/pki

Nicholas Davis

University of Wisconsin-Madison

Division of Information Technology

[email protected]

608-262-3837


  • Login