DOC PREVIEW
MASON ECE 636 - Lecture Slides

This preview shows page 1 out of 3 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 3 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 3 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

6XUYH\ RI 3XEOLF .H\,QIUDVWUXFWXUH 6RIWZDUH3DFNDJHV%\Kevin Magee & Matt RutherfordECE 636Spring 2001Prof. GajPublic Key InfrastructureA product Survey• Project Objective• Overcoming the Terminology• Enterprise PKI Standards• What’s Important in a PKI• The Candidates• Weighted Matrix Results• WinnerProject Objective• Canvass the market place for commercial PKIproducts• Develop a weighted matrix of PKI attributes forcomparing PKI products• Defend a recommendation as to the bestcommercially available PKI solutionOvercoming the Terminology“In addition to X.509 3.0, UniCERT supports DSAand ECDSA signing algorithms, PKIX messages,PKCS standards 1, 5, 7, 8, 9, 10, 11 and 12 alongwith DAP and LDAP and the use of generic SQLdatabase management operations. ““[Entrust supports] X.509 v3, PKCS#10, PKCS#7,PEM/BASE64, ASN.1, MD-5, SHA-1, LDAP v2, RSA1024, DES 56, CAST 128. “Client SystemPrivateKeyStorageCrypto Cards/TokensPKCS #11,#15,FIPS 140 2-4SSL,S/MIME,IPSEC, PKCS #1,#3,#7, #13 Certificate Auth.Registration Auth.RFC 2459,2527RFC 2510,2511, PKIX CMP,ITSEC E3CEPServersCert.RepositoryX.509 v.3Cert. FormatPKCS #6,#9, #10, OCSP,RFC 2527,2528,2559,2560,2585,2587Enterprise PKI StandardsPKCS #5,#8,#9,#12PKCS #5,#8,#9,#12PrivateKeyStorageWhat’s Important In A PKI10 Primary Categories• Certificate Support (16%)• Revocation Methods (15%)• Scalability ( 8%)• Security ( 8%)• Registration Mechanism (14%)• Directory Support ( 4%)• Smart Card/Token Support ( 8%)• Interoperability (12%)• Key Management ( 6%)• Management Interface ( 9%)Certificate Support (16%)Formats Supported (4%) X.509v.3Standard/Private Extensions (4%) Yes/NoMultiple Keys/Certificates (4%) Yes/NoCustomization (4%) Yes/NoCRL (4%) Yes/NoOCSP (4%) Yes/NoCRT (4%) Yes/NoCRL Distribution Points (3%) Yes/NoRevocation Methods (15%)Scalability (8%)Modularity (3%) CA,RA,GatewayInstallation Platform (2%) NT/SunCapacity (3%) User Limit Client (2%) PKCS#7,SSL,plug-inCA/RA Comms (2%) PKIX CMPCA/RA Protection (2%) HW/SW/Tokens/Smart CardsHardware Protection (2%) Yes/NoSecurity (8%)Registration Mechanism (14%)Face to Face (2%) Yes/NoBulk Automated (2%) Yes/NoWeb (2%) Yes/NoEmail (2%) Yes/NoVPN (2%) Yes/NoDirect Certification (2%) Yes/NoTool Kit Availability (2%) Yes/NoDirectory (2%) Own/third partyOwn Directory out of box (2%) Yes/NoCreate new PKI objects (2%) Yes/NoDirectory Support (4%)Smart Card and Token Support (8%)Interface Standards (2%) PKCS #11Client Protection (2%) Smart Card/Virtual Smart CardCA Admin Protection (2%) Smart Card/TokenRA Admin Protection (2%) Smart Card/TokenCA Standards (3%) x.509v3, RSA,DSARA Standards (3%) PKCS#11, PKIX CMPCrypto HW Standards (2%) FIPS 140 2-4;DES,RSA,PKCS #1,MD5,SHA1Directory Standards (2%) LDAP,DAPCertificate Protocols (2%) X.509v3;FPKIInteroperability (12%)Key Management (6%)Automatic key update (2%) Yes/NoAutomatic key histories (2%) Yes/NoKey backup/recovery (2%) Yes/NoCA Admin (2%) GUI,Web based,Command LineLogging/Reporting (2%) Yes/NoPolicy Based Mgt. (2%) Yes/NoMultiple Cas (2%) Yes/NoMultiple Ras (1%) Yes/NoManagement Interface (9%)The Candidates• Baltimore Technology/Unicert• BT Trustwise/OnSite• OnSite/Entrust• IBM/IBM SecureWay• RSA/Keon02468101214161820Cert. Support Rev. Methods Scalability SecurityUnicertOnSiteEntrustIBMRSA KeonWeighted Results02468101214161820Registration Direct.SupportSmartCard/TokenUnicertOnSiteEntrustIBMRSA KeonWeighted Results (contd.)02468101214161820Interoperability Key Mgt. Mgt. InterfaceUnicertOnSiteEntrustIBMRSA KeonWeighted Results (contd.)90.5584.1996.4685.3680.5707580859095100UnicertOn-SiteEntrustIBMRSA KeonFinal


View Full Document

MASON ECE 636 - Lecture Slides

Documents in this Course
Load more
Download Lecture Slides
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lecture Slides and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lecture Slides 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?