Summary from CA coordination and Security working group meeting
|
|
- Percival Fisher
- 8 years ago
- Views:
Transcription
1 Summary from CA coordination and Security working group meeting WP4 workshop
2 Security related meetings summary Certification Authorities coordination Organizationally a working group of WP6 Coordinates efforts for certification in various counties Gives guidance to new CA s now setting up Sets minimum standards for trustworthy CA s DataGrid Security coordination meeting Interested individuals concerned with security in the DataGrid at large Forum for security architecture discussions Coordination of security efforts within the WP s David Groep CA and DG security wg
3 Certification Authorities Currently 8 Certification Authorities: CERN (Pietro Martucci) INFN (Roberto Cecchini) DutchGrid/NIKHEF (David Groep) UKHEP (Andrew Sansum) CNRS datagrid-fr (Jean-Luc Archimbaud) LIP (Jorge Gomes) CESnet (Milan Sova and Daniel Kouril) Spain is preparing, Russia will start preparing David Groep CA and DG security wg
4 Certification minimal requirements Minimal requirements for certification authorities defined Non-networked machine Documented Certification Policy and Practice Statement (CP/CPS) Traceability of CPS in effect at time of signing (using OID s) CRL issuing required, lifetime between 7 and 30 days Relying parties should retrieve CRL preferably every day There will be no on-site auditing, we will crosscheck each others CP/CPS Entities should generate own key pairs (CA must not know!) Activity on recommending best-practice Grid CP/CPS in GGF (DataGrid has no manpower to get heavily involved) Drafted a list of recommended cert extensions David Groep CA and DG security wg
5 Certification Authorities in a Fabric None of the national CAs is prepared to issue host certificates to all hosts in a farm OK to apply for gatekeeper certs for LSF masters and such OK also for test bed 1 hosts with fork job manager WP4 has already a possible solution: FLIDS Automatic CRL retrieval, use the GetCerts package from cron soon to be included in WP6 distribution, now from DutchGrid CA site David Groep CA and DG security wg
6 Certification Authorities, Administrative A ca-coordination mailing is being set up by Dave Kelsey List can be used for incident reporting See also Detailed notes to be found from David Groep CA and DG security wg
7 DataGrid Security working group
8 DG Security-wg aims Identify security requirements and deliverables witin the WPs Implications of security on the DataGrid architecture (urgent) Identify lacking resources Self-organisation Extensive discussions planned for Lecce with Steve Tuecke David Groep CA and DG security wg
9 Security per Work Package (1) WP1 Will be managing the user s identities Jobs will probably run with the identity of the original user The applications don t care, as long as: Roles can be assigned to users and Quota can be associated with roles A user can have multiple roles (in different sessions), but only one cert WP2 Same issue with ownership of replicated files. Not resolved yet. David Groep CA and DG security wg
10 Security per Work Package (2) WP3 Will start using MDS-2 in PM9 Will have added GSI security, but does not use LDAP access rights No sub tree or element access control, just grid mapfile Only just started thinking about security issues for >PM9 WP4 Presented use case of job submission, GjMS, LCAS, LCMAPS & FLIDS For grid info services use WP3 framework GridGate should be relabelled NAT box No security comments on install-a-fresh-box use case David Groep CA and DG security wg
11 WP5 WP7 Security per Work Package (3) Will store files by uid/gid Will need a grid mapfile May be different form the one used by ComputeElement YAGM: Yet Another Grid Mapfile Interesting: they have three security deliverables and some committed manpower (PPARC 18 pm/3y, CERN 12 pm/3y, INFN & CNRS also) No-one in WP7 cares about security at large Only competent in network-layer security, so work might be done under ATF umbrella, formally staying in WP7 Once and for all: VPNs are a bad thing. The effort for the VPN test bed is going into a document to prove VPNs are useless DoS attacks will be the real issue in network security David Groep CA and DG security wg
12 Security per Work Package (4) WP8,10 (applications) Want less fuss with national CA s (150 counties in LHC!) sorry! Want single signon: one identity and multiple roles (1 role per session) Autorization by VO, VO decides on quota and groups Requirement common to all applications justify a common solution (CAS) Applications want to keep local site in control, but Local sites should publish their policies (abstracted) to show they are complying with the agreed MoUs Want a good USERS GUIDE WP10 has a lot of sensitive data, encryption preferred on application level anonymous ftp like areas, but restricted to any biologist David Groep CA and DG security wg
13 Policy language Obvious candidate is the work of the IRTF AAAARCH group Generic policy language currently an IRTF draft Or David Groep CA and DG security wg
14 Interaction between CE and SE Details: ATF (Germán) Some consensus seems to be Use GridFTP for for remote and local access to a SE Applications are prepared to refrain from local file system access (not use open(2)) Except for some scratch storage like /tmp Legacy applications should pre-declare their files To prevent rouge applications, the binaries may be signed The receiving end should verify the signature Users can make no assumptions about a local identity anywhere (gsi-ssh) David Groep CA and DG security wg
15 Firewall issues Current state on port numbers used is unclear Especially for return ports and user dynamic ports Nice to have all future access use predefined static ports, Providing secure gateways into the local fabric Like the WP4 proposal To be able to selective block malicious access David Groep CA and DG security wg
16 User mapping management for PM9 INFN: LDAP directory of users and groups generates a gridmapfile URL not yet defined Manchester: gridmapdir patch Possibly included in new Globus release by default Uid issues: most systems do 4 billion uids, but Linux = 2.2.x only 64K? David Groep CA and DG security wg
17 Future of the security working group Dave Kelsey will propose a somewhat more formal body to the PTB Should be driven by 3 named persons, to come from the three sites with committed effort (PPARC, INFN, CNRS) Lot of others should review documents and/or write a few pages for the architecture Framework for architecture given by DaveK Requirements by September/October Final Security architecture deliverable is in PM12 Detailed notes at David Groep CA and DG security wg
Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr
Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr Version 0.3 August 2002 Online : http://www.urec.cnrs.fr/igc/doc/datagrid-fr.policy.pdf Old versions Version 0.2 :
More informationRoberto Barbera. Centralized bookkeeping and monitoring in ALICE
Centralized bookkeeping and monitoring in ALICE CHEP INFN 2000, GRID 10.02.2000 WP6, 24.07.2001 Roberto 1 Barbera ALICE and the GRID Phase I: AliRoot production The GRID Powered by ROOT 2 How did we get
More informationGT 6.0 GSI C Security: Key Concepts
GT 6.0 GSI C Security: Key Concepts GT 6.0 GSI C Security: Key Concepts Overview GSI uses public key cryptography (also known as asymmetric cryptography) as the basis for its functionality. Many of the
More information2 Transport-level and Message-level Security
Globus Toolkit Version 4 Grid Security Infrastructure: A Standards Perspective The Globus Security Team 1 Version 4 updated September 12, 2005 Abstract This document provides an overview of the Grid Security
More informationGRIP:Creating Interoperability between Grids
GRIP:Creating Interoperability between Grids Philipp Wieder, Dietmar Erwin, Roger Menday Research Centre Jülich EuroGrid Workshop Cracow, October 29, 2003 Contents Motivation Software Base at a Glance
More informationArchitecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference
Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise
More informationManaging Credentials with
Managing Credentials with MyProxy Jim Basney National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu http://myproxy.ncsa.uiuc.edu/ What is MyProxy? A service for managing
More informationUsing Microsoft Active Directory for Checkpoint NG AI SecureClient
Using Microsoft Active Directory for Checkpoint NG AI SecureClient Dave Crowfoot www.works4me.com dave@works4me.com This is the solution that I came up with to utilize MS Active directory to authenticate
More informationJan Astalos Department of Parallel and Distributed Computing Institute of Informatics Slovak Academy of Sciences http://www.ui.sav.
IISAS Certification Authority Jan Astalos Department of Parallel and Distributed Computing Institute of Informatics Slovak Academy of Sciences http://www.ui.sav.sk IISAS and CrossGrid Grid application
More informationINFN Testbed status report
L. Gaido Oxford July, 2-5 2001 1 Dedicated resources (available now) Quantum Grid: 3-4 PCs in 15 sites: Bari, Bologna, Cagliari, Catania, Cnaf, Ferrara, Lecce, Legnaro, Milano, Napoli, Padova, Parma, Pisa,
More informationESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0
ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 June 30, 2004 Table of Contents Table of Contents...2 1 Introduction...3 1.1 Overview...3 1.1.1 General Definitions...4
More informationHow to Determine the Proxy Extension of a Grid Trust
Grid security infrastructure based on Globus Toolkit Valentin Vidić vvidic@irb.hr Center for Informatics and Computing Ruder Bošković Institute Bijenička cesta 54, Zagreb, Croatia January 2006 Abstract
More informationMapCenter: An Open Grid Status Visualization Tool
MapCenter: An Open Grid Status Visualization Tool Franck Bonnassieux Robert Harakaly Pascale Primet UREC CNRS UREC CNRS RESO INRIA ENS Lyon, France ENS Lyon, France ENS Lyon, France franck.bonnassieux@ens-lyon.fr
More informationThe ENEA-EGEE site: Access to non-standard platforms
V INFNGrid Workshop Padova, Italy December 18-20 2006 The ENEA-EGEE site: Access to non-standard platforms C. Sciò**, G. Bracco, P. D'Angelo, L. Giammarino*, S.Migliori, A. Quintiliani, F. Simoni, S. Podda
More informationAdministering the Web Server (IIS) Role of Windows Server
Course 10972A: Administering the Web Server (IIS) Role of Windows Server Course Details Course Outline Module 1: Overview and Installing Internet Information Services In this module students will learn
More informationUsing Globus Toolkit
Using Globus Toolkit G. Poghosyan & D. Nilsen GridKa School 11-15 September 2006 Basic Grid Services in GT Security Services GSI (Grid Security Infrastructure) Data Services GridFTP RFT (Reliable File
More informationThe ENEA gateway approach providing EGEE/gLite access to unsupported platforms and operating systems
EU-IndiaGrid Workshop Taipei, November 2nd 2007 The ENEA gateway approach providing EGEE/gLite access to unsupported platforms and operating systems G. Bracco, S.Migliori, A. Quintiliani, A. Santoro, C.
More informationMIGRATING DESKTOP AND ROAMING ACCESS. Migrating Desktop and Roaming Access Whitepaper
Migrating Desktop and Roaming Access Whitepaper Poznan Supercomputing and Networking Center Noskowskiego 12/14 61-704 Poznan, POLAND 2004, April white-paper-md-ras.doc 1/11 1 Product overview In this whitepaper
More informationConcepts and Architecture of the Grid. Summary of Grid 2, Chapter 4
Concepts and Architecture of the Grid Summary of Grid 2, Chapter 4 Concepts of Grid Mantra: Coordinated resource sharing and problem solving in dynamic, multi-institutional virtual organizations Allows
More informationImplementing Secure Sockets Layer on iseries
Implementing Secure Sockets Layer on iseries Presented by Barbara Brown Alliance Systems & Programming, Inc. Agenda SSL Concepts Digital Certificate Manager Local Certificate Authority Server Certificates
More informationSecurity in OSG. Tuesday afternoon, 3:15pm. Igor Sfiligoi <isfiligoi@ucsd.edu> Member of the OSG Security team University of California San Diego
Security in OSG Tuesday afternoon, 3:15pm Igor Sfiligoi Member of the OSG Security team University of California San Diego Logistical reminder It is OK to ask questions - During the
More information(RH 7.3, gcc 2.95.2,VDT 1.1.6, EDG 1.4.3, GLUE, RLS) Tokyo BNL TAIWAN RAL 20/03/2003 20/03/2003 CERN 15/03/2003 15/03/2003 FNAL 10/04/2003 CNAF
Our a c t i v i t i e s & c o n c e rn s E D G - L C G t r a n s i t i o n / c o n v e r g e n c e p l a n EDG s i d e : i n t e g r a t i o n o f n e w m i d d l e w a r e, t e s t b e d e v a l u a t
More informationARC Computing Element
NORDUGRID NORDUGRID-MANUAL-20 15/7/2015 ARC Computing Element System Administrator Guide F. Paganelli, Zs. Nagy, O. Smirnova, and various contributions from all ARC developers Contents 1 Overview 9 1.1
More informationCourse Description. Course Audience. Course Outline. Course Page - Page 1 of 9
Course Page - Page 1 of 9 Administering the Web Server (IIS) Role of Windows Server M-10972 Length: 5 days Price: $2,795.00 Course Description This course provides students with the fundamental knowledge
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Operations and Denial of Service Secure Software Programming 2 Overview
More informationGridPP36 Security Report
GridPP36 Security Report Ian Neilson GridPP Security Officer 12/04/2016 Gridpp36, Pitlochry Slide Security Report Operational Security Policy Updates Collaborations & Projects Future Work ARGUS Ban Tests
More informationDanske Bank Group Certificate Policy
Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...
More informationHow To Make A Trustless Certificate Authority Secure
Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security Slides adapted from Radia Perlman s slides Key Distribution - Secret Keys What if
More informationGrid Engine. The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How)
The EPIKH Project (Exchange Programme to advance e-infrastructure Know-How) Grid Engine Riccardo Rotondo (riccardo.rotondo@garr.it) Consortium GARR Joint CHAIN/EPIKH School for Application Porting to Science
More informationSonicOS Enhanced 3.2 LDAP Integration with Microsoft Active Directory and Novell edirectory Support
SonicOS Enhanced 3.2 LDAP Integration with Microsoft Active Directory and Novell edirectory Support Document Scope This document describes the integration of SonicOS Enhanced 3.2 with Lightweight Directory
More informationDirectory and File Transfer Services. Chapter 7
Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major
More informationTEXAS AGRILIFE SERVER MANAGEMENT PROGRAM
TEXAS AGRILIFE SERVER MANAGEMENT PROGRAM Policy Compliancy Checklist September 2014 The server management responsibilities described within are required to be performed per University, Agency or State
More informationBugzilla ID: Bugzilla Summary:
Bugzilla ID: Bugzilla Summary: CAs wishing to have their certificates included in Mozilla products must 1) Comply with the requirements of the Mozilla CA certificate policy (http://www.mozilla.org/projects/security/certs/policy/)
More informationHow to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG)
How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG) Introduction Understanding Forefront Threat Management Gateway (TMG) Network Topology Understanding Forefront Threat Management
More informationCox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]
Cox Managed CPE Services RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft] September, 2015 2015 by Cox Communications. All rights reserved. No part of this document may be reproduced or transmitted
More informationResource Management on Computational Grids
Univeristà Ca Foscari, Venezia http://www.dsi.unive.it Resource Management on Computational Grids Paolo Palmerini Dottorato di ricerca di Informatica (anno I, ciclo II) email: palmeri@dsi.unive.it 1/29
More informationUse of The Information Services Active Directory Service (AD) Code of Practice
Use of The Information Services Active Directory Service (AD) Code of Practice Introduction This code of practice is intended to support the Information Security Policy of the University and should be
More informationMonitoring Message Passing Applications in the Grid
Monitoring Message Passing Applications in the Grid with GRM and R-GMA Norbert Podhorszki and Peter Kacsuk MTA SZTAKI, Budapest, H-1528 P.O.Box 63, Hungary pnorbert@sztaki.hu, kacsuk@sztaki.hu Abstract.
More informationMy FreeScan Vulnerabilities Report
Page 1 of 6 My FreeScan Vulnerabilities Report Print Help For 66.40.6.179 on Feb 07, 008 Thank you for trying FreeScan. Below you'll find the complete results of your scan, including whether or not the
More informationNetwork monitoring in DataGRID project
Network monitoring in DataGRID project Franck Bonnassieux (CNRS) franck.bonnassieux@ens-lyon.fr 1st SCAMPI Workshop 27 Jan. 2003 DataGRID Network Monitoring Outline DataGRID network Specificity of Grid
More informationConfiguring Digital Certificates
CHAPTER 36 This chapter describes how to configure digital certificates and includes the following sections: Information About Digital Certificates, page 36-1 Licensing Requirements for Digital Certificates,
More informationChapter 2 Editor s Note:
[Editor s Note: The following content was excerpted from the free ebook The Tips and Tricks Guide to Securing Windows Server 2003 (Realtimepublishers.com) written by Roberta Bragg and available at http://www.netiq.com/offers/ebooks.]
More informationSecurity + Certification (ITSY 1076) Syllabus
Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and
More informationAuthorization Strategies for Virtualized Environments in Grid Computing Systems
Authorization Strategies for Virtualized Environments in Grid Computing Systems Xinming Ou Anna Squicciarini Sebastien Goasguen Elisa Bertino Purdue University Abstract The development of adequate security
More informationMS 10972A Administering the Web Server (IIS) Role of Windows Server
MS 10972A Administering the Web Server (IIS) Role of Windows Server Description: Days: 5 Prerequisites: This course provides students with the fundamental knowledge and skills to configure and manage Internet
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationAnalisi di un servizio SRM: StoRM
27 November 2007 General Parallel File System (GPFS) The StoRM service Deployment configuration Authorization and ACLs Conclusions. Definition of terms Definition of terms 1/2 Distributed File System The
More informationUser Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series
User Guide Supplement S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series SWD-292878-0324093908-001 Contents Certificates...3 Certificate basics...3 Certificate status...5 Certificate
More informationCompiled By: Chris Presland v1.0. 29 th September. Revision History Phil Underwood v1.1
Compiled By: Chris Presland v1.0 Date 29 th September Revision History Phil Underwood v1.1 This document describes how to integrate Checkpoint VPN with SecurEnvoy twofactor Authentication solution called
More information10972-Administering the Web Server (IIS) Role of Windows Server
Course Outline 10972-Administering the Web Server (IIS) Role of Windows Server Duration: 5 days (30 hours) Target Audience: This course is intended for IT Professionals already experienced in general Windows
More informationBrocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1
PKI Tutorial Jim Kleinsteiber February 6, 2002 Page 1 Outline Public Key Cryptography Refresher Course Public / Private Key Pair Public-Key Is it really yours? Digital Certificate Certificate Authority
More informationPlateforme de Calcul pour les Sciences du Vivant. SRB & glite. V. Breton. http://clrpcsv.in2p3.fr
SRB & glite V. Breton http://clrpcsv.in2p3.fr Introduction Goal: evaluation of existing technologies for data and tools integration and deployment Data and tools integration should be addressed using web
More informationTRUST RELATIONSHIPS AND SINGLE SIGN-ON IN GRID BASED DATA WAREHOUSES
TRUST RELATIONSHIPS AND SINGLE SIGN-ON IN GRID BASED DATA WAREHOUSES Xiaoyu Li a and Maree Pather b a Department of Information Technology, Nelson Mandela Metropolitan University b Department of Applied
More informationFaking Extended Validation SSL Certificates in Internet Explorer 7
Page 1 of 11 Faking Extended Validation SSL Certificates in Internet Explorer 7 June 7 th 2007, V1.1 Martin Christinat, CTO, christinat@.ch Abstract Extended Validation (EV) SSL certificates are a new
More informationTroubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123. Instructor Manual
Troubleshooting BlackBerry Enterprise Service 10 version 10.1.1 726-08745-123 Instructor Manual Published: 2013-07-02 SWD-20130702091645092 Contents Advance preparation...7 Required materials...7 Topics
More informationCyber Essentials. Test Specification
Cyber Essentials Test Specification Contents Scope of the Audit...2 Assumptions...3 Success Criteria...3 External systems...4 Required tests...4 Test Details...4 Internal systems...7 Tester pre-requisites...8
More informationDIGIPASS Authentication for Check Point Security Gateways
DIGIPASS Authentication for Check Point Security Gateways With IDENTIKEY Server 2009 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 38 Disclaimer Disclaimer of Warranties and
More informationCyber Essentials Questionnaire
Cyber Essentials Questionnaire Introduction The Cyber Essentials scheme is recommended for organisations looking for a base level Cyber security test where IT is a business enabler rather than a core deliverable.
More informationWhat Are They, and What Are They Doing in My Browser?
Digital Certificates, p.1 07/29/02 Digital Certificates What Are They, and What Are They Doing in My Browser? By Judith V. Boettcher and Amanda Powell Digital certificates provide a means to authenticate
More informationExtranet Access Management Web Access Control for New Business Services
Extranet Access Management Web Access Control for New Business Services An Evidian White Paper Increase your revenue and the ROI for your Web portals Summary Increase Revenue Secure Web Access Control
More informationglobus online Integrating with Globus Online Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory
globus online Integrating with Globus Online Steve Tuecke Computation Institute University of Chicago and Argonne National Laboratory Types of integration Resource integration Connect campus, project,
More informationNational Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016
National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy Version 1.1 February 2, 2016 Copyright 2016, Georgia Tech Research Institute Table of Contents TABLE OF CONTENTS I 1 INTRODUCTION
More informationIntroduction to the MISD Web FTP Client
Introduction to the MISD Web FTP Client What is FTP? FTP stands for File Transfer Protocol. It is an Internet service that allows users to copy files to or from computers which hold collections of files.
More informationAdvanced Administration
BlackBerry Enterprise Service 10 BlackBerry Device Service Version: 10.2 Advanced Administration Guide Published: 2014-09-10 SWD-20140909133530796 Contents 1 Introduction...11 About this guide...12 What
More informationRam Dantu. VOIP: Are We Secured?
Ram Dantu Professor, Computer Science and Engineering Director, Center for Information and Computer Security University of North Texas rdantu@unt.edu www.cse.unt.edu/~rdantu VOIP: Are We Secured? 04/09/2012
More informationImplementing Secure Sockets Layer (SSL) on i
Implementing Secure Sockets Layer (SSL) on i Presented by Barbara Brown Alliance Systems & Programming, Inc. Agenda SSL Concepts History of SSL Digital Certificate Manager Local Certificate Authority Server
More informationGrid and Cloud Computing at LRZ Dr. Helmut Heller, Group Leader Distributed Resources Group
Grid and Cloud Computing at LRZ Dr. Helmut Heller, Group Leader Distributed Resources Group Overview Grid: http://www.grid.lrz.de What is Grid computing? Advantages of Grid computing (why you should use
More informationIntegrating a heterogeneous and shared Linux cluster into grids
Integrating a heterogeneous and shared Linux cluster into grids 1,2 1 1,2 1 V. Büge, U. Felzmann, C. Jung, U. Kerzel, 1 1 1 M. Kreps, G. Quast, A. Vest 1 2 DPG Frühjahrstagung March 28 31, 2006 Dortmund
More informationHow To Protect Information At De Montfort University
Network Security Policy De Montfort University January 2006 Page 1 of 18 Contents 1 INTRODUCTION 1.1 Background... 1.2 Purpose and Scope... 1.3 Validity... 1.4 Assumptions... 1.5 Definitions... 1.6 References..
More informationPilot WEDI Review
WEDI/AFEHCT Internet Encryption Interoperability Pilot WEDI Board Meeting September 26, 2000 - Phoenix Hyatt Kepa Zubeldia, M.D. Vice President, Technology ENVOY Corporation Why a Pilot HIPAA NPRM Technology
More informationPresenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013
Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013 Outline Genesis - why we built it, where and when did the idea begin Issues
More informationFIREWALL POLICY November 2006 TNS POL - 008
FIREWALL POLICY November 2006 TNS POL - 008 Introduction Network Security Services (NSS), a department of Technology and Network Services, operates a firewall to enhance security between the Internet and
More informationGSI Credential Management with MyProxy
GSI Credential Management with MyProxy GGF8 Production Grid Management RG Workshop June 26, 2003 Jim Basney jbasney@ncsa.uiuc.edu http://myproxy.ncsa.uiuc.edu/ MyProxy Online repository of encrypted GSI
More informationRelease Notes for Version 1.5.207
Release Notes for Version 1.5.207 Created: March 9, 2015 Table of Contents What s New... 3 Fixes... 3 System Requirements... 3 Stonesoft Appliances... 3 Build Version... 4 Product Binary Checksums... 4
More informationManaging Remote Access
VMWARE TECHNICAL NOTE VMware ACE Managing Remote Access This technical note explains how to use VMware ACE to manage remote access through VPN to a corporate network. This document contains the following
More informationLinux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS QUARTER 2 NETWORKING AND OPERATING SYSTEMS ESSENTIALS. Module 1 - Office Applications
NETWORK ENGINEERING TRACK Linux Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use Office
More informationOIS. Update on Windows 7 at CERN & Remote Desktop Gateway. Operating Systems & Information Services CERN IT-OIS
Operating Systems & Information Services Update on Windows 7 at CERN & Remote Desktop Gateway CERN IT-OIS Tim Bell, Michal Kwiatek, Michal Budzowski, Andreas Wagner HEPiX Fall 2010 Workshop 4th November
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationINDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456. Aristotle University of Thessaloniki PKI (www.pki.auth.gr) WHOM IT MAY CONCERN
Title INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456 Customer Aristotle University of Thessaloniki PKI (www.pki.auth.gr) To WHOM IT MAY CONCERN Date 18 March 2011 Independent Audit
More informationInformation. Questions will be answered at the end. Please submit questions to Erick Mendoza using the chat function.
Information Questions will be answered at the end. Please submit questions to Erick Mendoza using the chat function. Securing Niagara, Part 2 Java 1.7.0.25 Update Announcement Review basic hardening steps
More informationINTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE
INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE Legal Marks No portion of this document may be reproduced or copied in any form, or by
More informationCAC/PIV PKI Solution Installation Survey & Checklist
CAC/PIV PKI Solution Installation Survey & Checklist Konica Minolta CAC/PIV Solution Revision: 1.3 Date: 10/19/09 1 Document Overview This document must be completed and used as a checklist or questionnaire
More informationRelease Version 4.1 The 2X Software Server Based Computing Guide
Release Version 4.1 The 2X Software Server Based Computing Guide Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless
More informationOn and off premises technologies Which is best for you?
On and off premises technologies Which is best for you? We don t mind what you buy, as long as it is YELLOW! Warren Sealey and Paul-Christian Garpe On Premises or in the cloud? 1 Agenda Why Symantec? Email
More informationNetwork Security: Public Key Infrastructure
Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu CSG254: Network Security Slides adapted from Radia Perlman s slides Key Distribution - Secret Keys
More informationEUCIP - IT Administrator. Module 5 IT Security. Version 2.0
EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single
More informationTest Plan for Department of Defense (DoD) Public Key Infrastructure (PKI) Interagency/Partner Interoperability. Version 1.0.3
Test Plan for Department of Defense (DoD) Public Key Infrastructure (PKI) Interagency/Partner Interoperability Version 1.0.3 Prepared for: Department of Defense (DoD) PKI August 27, 2008 Page 1 Table of
More informationDIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication
DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication Certificate Based 2010 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 31 Disclaimer Disclaimer of
More informationHow To Protect Your Network From Attack
Department of Computer Science Institute for System Architecture, Chair for Computer Networks Internet Services & Protocols Internet (In)Security Dr.-Ing. Stephan Groß Room: INF 3099 E-Mail: stephan.gross@tu-dresden.de
More informationInstruments in Grid: the New Instrument Element
Instruments in Grid: the New Instrument Element C. Vuerli (1,2), G. Taffoni (1,2), I. Coretti (1), F. Pasian (1,2), P. Santin (1), M. Pucillo (1) (1) INAF Astronomical Observatory of Trieste (2) INAF Informative
More informationUpdates from the EUGridPMA. David Groep, Nov 7 nd, 2008
Updates from the EUGridPMA David Groep, Nov 7 nd, 2008 Updates Today Towards EMEA coverage Autonomous growth Updates AuthZ Operations WG Repository issues TAGPMA La Plata meeting Nov 2008-2 Geographical
More informationConfiguring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication
Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication This application note describes how to authenticate users on a Cisco ISA500 Series security appliance. It includes these
More informationCase Study for Layer 3 Authentication and Encryption
CHAPTER 2 Case Study for Layer 3 Authentication and Encryption This chapter explains the basic tasks for configuring a multi-service, extranet Virtual Private Network (VPN) between a Cisco Secure VPN Client
More informationHow To Set Up A Backupassist For An Raspberry Netbook With A Data Host On A Nsync Server On A Usb 2 (Qnap) On A Netbook (Qnet) On An Usb 2 On A Cdnap (
WHITEPAPER BackupAssist Version 5.1 www.backupassist.com Cortex I.T. Labs 2001-2008 2 Contents Introduction... 3 Hardware Setup Instructions... 3 QNAP TS-409... 3 Netgear ReadyNas NV+... 5 Drobo rev1...
More informationCertificate Management
Certificate Management This guide provides information on...... Configuring the GO!Enterprise MDM server to use a Microsoft Active Directory Certificate Authority... Using Certificates from Outside Sources...
More informationIP Office Technical Tip
IP Office Technical Tip Tip no: 119 Release Date: 20 Jan 2006 Region: GLOBAL Overview Avaya IP Office Compact Contact Center (CCC) Security Modifications Post Windows 2003 SP1 In Microsoft Windows Server
More informationCCM 4350 Week 11. Security Architecture and Engineering. Guest Lecturer: Mr Louis Slabbert School of Science and Technology.
CCM 4350 Week 11 Security Architecture and Engineering Guest Lecturer: Mr Louis Slabbert School of Science and Technology CCM4350_CNSec 1 Web Server Security The Web is the most visible part of the net
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationRecommendations for Static Firewall Configuration in D-Grid
D-Grid Integrationsprojekt (DGI-2) Fachgebiet 3-3 Firewalls Recommendations for Static Firewall Configuration in D-Grid Version 1.5, 21. Mai 2008 D-Grid Integrationsprojekt (DGI-2) Autoren: Gian Luca Volpato
More information