Extending Technology Roadmap through Fuzzy Cognitive Map ...
Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer
-
Upload
graiden-brady -
Category
Documents
-
view
40 -
download
0
description
Transcript of Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer
![Page 1: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/1.jpg)
1
Extending the Reach ofPublic Key Technology
Joe KovaraChief Technology Officer
Center forAppliedCryptographicResearch
Simon Fraser UniversityVancouver, BCJune 9, 1999
![Page 2: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/2.jpg)
ObjectivesObjectives
• Obtain PK benefits– Sooner rather than later– At an acceptable rate of change
$ per unit time
• Reduce PK and non-PK gap– Align with what we have today– Reduce the gap in the future
• Approach– Adapt the technology first– Adapt the rest later
![Page 3: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/3.jpg)
Traditional Public Key ViewTraditional Public Key View
![Page 4: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/4.jpg)
PK Deployment ObstaclesPK Deployment Obstacles
Administration: Policy Enforcement
Key Escrow
Registration: Bootstrapping
Revocation: Scale
Applications
Key Storage: Protection
Portability
Performance
![Page 5: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/5.jpg)
?
Then What?Then What?
MVS
Windows
Unix
Novell
Kerberos 5
Kerberos 4
Passticket
Proprietary
Legacy Other Systemsand Technologies
![Page 6: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/6.jpg)
New Opportunities
Consumers
More efficient access
TrustBroker
More efficient delivery
Producers
Lower Risk
Smartcards
Brokering TrustBrokering Trust
Tokens
Public Key
GSS-API/K5
MVSPassticket
Web
Kerberos4& 5
Legacy
![Page 7: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/7.jpg)
•SimpleSimple•FamiliarFamiliar•Secure..Secure.... ……or more secure...or more secure...
Initial SignonInitial Signon
SmartcardSmartcard• DatakeyDatakey• SchlumbergeSchlumberge• ......
Public KeyPublic Key• EntrustEntrust• NetscapeNetscape• MicrosoftMicrosoft• ......
TokenToken• VascoVasco• SDISDI• SecureSecure• ......
Budget and need driven
![Page 8: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.fdocuments.us/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/8.jpg)
Public Key
GSS-API/K5
MVS TrustTicket
WebAgent
Kerberos 4 & 5
Legacy
• Web• Email• ...
• SAP/R3• Oracle• Windows 2000• ...
• MVS 3270– RACF– ACF/2– Top Secret
• Non-PK Web
• Windows 2000• telnet• ftp• r-utilities• ...
• Other applications
Application SignonApplication Signon
Tru
stB
roke
rC
redenti
als
Bro
ker
Application driven