extending the reach of public key technology joe kovara chief technology officer
DESCRIPTION
Center for Applied Cryptographic Research Simon Fraser University Vancouver, BC June 9, 1999. Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer. Objectives. Obtain PK benefits Sooner rather than later At an acceptable rate of change $ per unit time - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/1.jpg)
1
Extending the Reach ofPublic Key Technology
Joe KovaraChief Technology Officer
Center forAppliedCryptographicResearch
Simon Fraser UniversityVancouver, BCJune 9, 1999
![Page 2: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/2.jpg)
ObjectivesObjectives
• Obtain PK benefits– Sooner rather than later– At an acceptable rate of change
$ per unit time
• Reduce PK and non-PK gap– Align with what we have today– Reduce the gap in the future
• Approach– Adapt the technology first– Adapt the rest later
![Page 3: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/3.jpg)
Traditional Public Key ViewTraditional Public Key View
![Page 4: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/4.jpg)
PK Deployment ObstaclesPK Deployment Obstacles
Administration: Policy Enforcement
Key Escrow
Registration: Bootstrapping
Revocation: Scale
Applications
Key Storage: Protection
Portability
Performance
![Page 5: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/5.jpg)
?
Then What?Then What?
MVS
Windows
Unix
Novell
Kerberos 5
Kerberos 4
Passticket
Proprietary
Legacy Other Systemsand Technologies
![Page 6: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/6.jpg)
New Opportunities
Consumers
More efficient access
TrustBroker
More efficient delivery
Producers
Lower Risk
Smartcards
Brokering TrustBrokering Trust
Tokens
Public Key
GSS-API/K5
MVSPassticket
Web
Kerberos4& 5
Legacy
![Page 7: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/7.jpg)
•SimpleSimple•FamiliarFamiliar•Secure..Secure.... ……or more secure...or more secure...
Initial SignonInitial Signon
SmartcardSmartcard• DatakeyDatakey• SchlumbergeSchlumberge• ......
Public KeyPublic Key• EntrustEntrust• NetscapeNetscape• MicrosoftMicrosoft• ......
TokenToken• VascoVasco• SDISDI• SecureSecure• ......
Budget and need driven
![Page 8: Extending the Reach of Public Key Technology Joe Kovara Chief Technology Officer](https://reader035.vdocuments.net/reader035/viewer/2022062721/568135cc550346895d9d2fb5/html5/thumbnails/8.jpg)
Public Key
GSS-API/K5
MVS TrustTicket
WebAgent
Kerberos 4 & 5
Legacy
• Web• Email• ...
• SAP/R3• Oracle• Windows 2000• ...
• MVS 3270– RACF– ACF/2– Top Secret
• Non-PK Web
• Windows 2000• telnet• ftp• r-utilities• ...
• Other applications
Application SignonApplication Signon
Tru
stB
roke
rC
redenti
als
Bro
ker
Application driven