USCGrid A (Very Quick) Introduction To Authn/Authz http://www.usc.edu/isd/services/uscgrid
USCGrid: A (Very Quick) Intro to Authn/Authz • Security – The Bird’s-eye View • Authn • Authz • References USCGrid at Internet2
Security – The Bird’s-eye View
Q: Everybody wants a secure network. Nobody wants servers broken into. How do the NMI components address security?
A: There are several aspects to security.
• Authentication – which concerns itself with verifying identity.
• Authorization – which determines what an authenticated user (or program) is allowed to do.
• Confidentiality – which ensures that no one except the intended parties can gain access to information.
• Data integrity – which guards against tampering.
• Auditing – which logs information as things happen.
• Intrusion detection – which notices break-ins.
We’re only going to look at Authentication – authn in security lingo – and Authorization – authz in security lingo.
Authn
Q: Authn concerns itself with verifying identity. It’s the soldier’s challenge – and his comrade’s response. How does NMI handle authn?
A: There are a couple of different mechanisms used by NMI for authn. Public Key Infrastructure (PKI) technology is used by the Globus Toolkit. However, this segment will instead look at PubCookie, a component that uses passwords.
Authz
Q: Authz determines what an authenticated user (or program) is allowed to do. How does NMI handle authz?
A: There are a couple of different mechanisms used by NMI for authz. However, this segment will look at Shibboleth, a component that can grant authorization without knowing the identity of the person requesting authorization.
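A simplified model of the idea stated above, authorization decided from attributes rather than from identity, added here as an illustration; it is not code from the slides or from the Shibboleth project. The function names, directory entries, shared key and the use of HMAC in place of public-key signatures are all assumptions made to keep the sketch self-contained.

```python
import hashlib
import hmac
import json
import secrets
import time

# Constructed demo key shared by the two parties; real deployments use
# public-key signatures, HMAC keeps this sketch standard-library only.
SHARED_KEY = b"constructed-demo-key"

# Constructed directory held only by the identity provider.
DIRECTORY = {
    "jdoe": {"affiliation": "faculty", "department": "physics"},
    "asmith": {"affiliation": "student", "department": "history"},
}


def issue_assertion(username, now=None, ttl=300):
    """Identity provider: release attributes under an opaque handle."""
    now = time.time() if now is None else now
    claims = {
        "handle": secrets.token_hex(16),  # random, unlinkable to username
        "attrs": DIRECTORY[username],
        "exp": now + ttl,
    }
    body = json.dumps(claims, sort_keys=True).encode()
    tag = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    return body, tag


def authorize(body, tag, required, now=None):
    """Resource side: decide from verified attributes alone."""
    now = time.time() if now is None else now
    expected = hmac.new(SHARED_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return False  # tampered or forged assertion
    claims = json.loads(body)
    if claims["exp"] < now:
        return False  # stale assertion
    attrs = claims["attrs"]
    return all(attrs.get(k) == v for k, v in required.items())


if __name__ == "__main__":
    policy = {"affiliation": "faculty"}
    for user in DIRECTORY:
        body, tag = issue_assertion(user)
        print(json.loads(body)["handle"][:8], authorize(body, tag, policy))
```

The resource side receives only the handle and the attributes, so its audit log can record the decision without recording who the person was.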
References
• Kerberos: A Network Authentication System. Brian Tung. Addison-Wesley. 1999.
• SSH: The Secure Shell: The Definitive Guide. Daniel J. Barrett & Richard E. Silverman. O’Reilly & Associates. 2001.
• Practical Unix & Internet Security. Simson Garfinkel & Gene Spafford. O’Reilly & Associates. 1996.
• Shibboleth Project. http://shibboleth.internet2.edu
• PubCookie. http://www.washington.edu/pubcookie