1 / 16

PKI Implementation at the University of Wisconsin-Madison

PKI Implementation at the University of Wisconsin-Madison. CIC Presentation Nicholas A. Davis November 7, 2005. Overview. AuthN/Z at UW-Madison Quick outline of PKI technology Why the UW-Madison uses PKI History of PKI at UW-Madison How the technology is being used

Download Presentation

PKI Implementation at the University of Wisconsin-Madison

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. PKI Implementation at the University of Wisconsin-Madison CIC Presentation Nicholas A. Davis November 7, 2005

  2. Overview AuthN/Z at UW-Madison Quick outline of PKI technology Why the UW-Madison uses PKI History of PKI at UW-Madison How the technology is being used Current challenges On the horizon Q&A session

  3. Communities Served by UW-Madison AuthNZ

  4. Outline of PKI technology PKI - Acronym for Public Key Infrastructure Confidentiality Authenticity Integrity Non-repudiation The Infrastructure portion of PKI

  5. Why UW-Madison uses PKI HIPAA FERPA Research activities Open network Higher education PKI partners Help and learn from Internet2, Educause and CIC

  6. 2002 – Present Provided Digital Certs to Shibboleth Testing Community 2003 – Present Pilot CA service made available to selective applications Spring - 2005 Presentation to DoIT CIO’s Office relating to PKI technical findings and costs September 2000 Created PKILab with CS and others 2001 IAIMS Secure Email Pilot Fall 2003 CA server installed in production Summer 2004 Campus Requirements Gathering and RFI Sept. 2005 End user cert Deployment 2002 Participated in Federal Bridge Pilot Project UW-Madison PKI Activity 2000

  7. PKI infrastructure The U.W.-Madison PKI is co-managed Time to implement Cost to implement Off site key backup The Equifax Secure Ebusiness CA1 Ability to migrate easily to in house solution

  8. How the technology is being used Faculty – Staff – Students 120 “Early Adopters” Cryptographic USB devices Windows and Macintosh Digitally sign files and email Encrypt email and attachments Outlook, Outlook Express, Thunderbird and Mail.app

  9. The look of UW-Madison digital certificiates

  10. Case Examples UW-Madison Survey Center University Health Services Division of Information Technology Social Sciences Various Help Desks across campus

  11. Current challenges Decentralized IT environment Cost Reaching critical mass Education Scaling User management and CRLs

  12. The cost of not doing PKI University of California at Berkeley Stanford University University of Tennessee George Mason University Qualcomm

  13. On the horizon Proposed digital signing of mass emails Proposed authentication to “high value” workstations and servers Proposed SSL certificates Convergence of other authentication technologies Digital signing as a replacement for ink signatures?

  14. Critical success factors Transparency to the end users Ease of administration A clear roadmap and menu of service offerings Organizational awareness and education Top down management support and awareness of the complexity related to PKI policy A willingness to understand that rolling out a PKI is an iterative process of continuous improvement

  15. Summary UW-Madison went live with PKI in September, 2005 Macintosh and Windows Email and file encryption and signing PKI as a technology suffers in general from several implementation challenges Running a successful PKI is an iterative process with some degree of fluidity Benefits of implementing a PKI far outweigh the risks of not having a PKI

  16. Questions and feedback www.doit.wisc.edu/middleware/pki Nicholas Davis University of Wisconsin-Madison Division of Information Technology ndavis1@wisc.edu 608-262-3837

More Related