st apgrid
play

st APGrid 1 st APGrid PMA Meeting PMA Meeting 1 29 Nov 2005 Jon - PowerPoint PPT Presentation

Dec 07, 2023 •586 likes •903 views

st APGrid 1 st APGrid PMA Meeting PMA Meeting 1 29 Nov 2005 Jon Lau National Grid Office Singapore Agenda Agenda Introduction to National Grid (NG) Commercial CA for NG Pilot Platform About Netrust Certificate

  1. st APGrid 1 st APGrid PMA Meeting PMA Meeting 1 29 Nov 2005 Jon Lau National Grid Office Singapore

  2. Agenda Agenda • Introduction to National Grid (NG) • Commercial CA for NG Pilot Platform • About Netrust • Certificate Application Process • Points to Note

  3. National Grid National Grid

  4. National Grid Vision National Grid Vision to facilitate the seamless use of an integrated cyber infrastructure in a secure, effective & efficient manner to advance scientific, engineering & biomedical R&D, with the longer term goal of transforming the Singapore economy using grid

  5. National Grid Steering Committee Chairman MTI MINDEF MITA MOH MOE Industry (A*STAR, (DSTA, DSO) (IDA, MDA) (Hospitals) (Schools, (Lilly, CPG. EDB, SPRING, RIs) NUS, NTU) ITSC, SITF, …) National Grid Working Groups Governance Council Security (NGGC) Middleware & Architecture Governance & Policy Facilitates & National Grid coordinates activities Network Office (NGO) Physical Sciences SIGs Manufacturing National Grid National Grid Digital Media Life Sciences System Administrators Operations Competency Centre Centre Access Grid (NGOC) (NGCC) PC Grid Computing … Virtual Grid Communities

  6. Activities Activities • Formulate the framework & policies • Plan & develop a secure platform • Adopt common open standards • Encourage the adoption of Grid Computing • Demonstrate the commercial viability of compute-resource-on-tap • Lay the foundation for a vibrant Grid Computing economy

  7. National Grid Pilot Platform – – Phase 1 Phase 1 National Grid Pilot Platform • Objectives: – Build grid computing awareness – Foster collaboration – Interconnect main compute resources • Scope: – Establish 1GE backbone – Establish rudimentary infrastructure Entity OS Platform for R&D in universities/research IHPC AIX IBM Regatta centres One-North Linux Compaq Alpha Cluster (BII & GIS) Solaris Sun – Testbed distributed applications NUS Linux Intel Xeon Cluster NTU Solaris Sun Fire Linux Intel Pentium 4 SMA Linux Itanium 2

  8. NGPP NGPP Certificate Authority Certificate Authority

  9. Commercial CA Commercial CA • Objective: – To migrate from free digital certificates to commercial CA digital certificates so as: • Increased security robustness, in preparation for industry focus in NGPP2 • Understand security procedures & issues pertaining to commercial CA certificate • Tender awarded to Netrust Pte Ltd – Netrust is the only certified CA in Singapore – Netrust is able to accommodate flexibility in implementing digital certificates usable in Globus

  10. Netrust Certificate Authority Certificate Authority Netrust • NGO has been officially acknowledged by Netrust as an Organizational Registration Authority (ORA) – Will ease NGPP sites in obtaining certificates – without ORA, need to obtain certificates from Netrust – NGO will perform the administrative processes only • NGPP sites nominated representatives to receive digital certificates • All existing NGPP sites have migrated their host certificates to Netrust certificates • Continual effort to issue certificates for – New users of NGPP resources – Additional hosts added to NGPP • Temporary CA will continue to exist to issue certificates for testing and trials .

  11. About Netrust Netrust About

  12. Netrust Netrust • Established in May 1997 as the first Certification Authority (CA) in Southeast Asia . • Provides individuals, businesses and government organisations with a complete online identification and security infrastructure to enable secure electronic transactions via the Internet and other wireless media. • In its capacity as a CA , Netrust acts as a trusted third party (TTP) that issues and manages digital certificates. Netrust maintains a Public Key Infrastructure (PKI) certification service and in its CA role creates and signs X.509 digital certificates which bind individuals, organisations and application servers with the particular public key of each subscriber. • Netrust's digital certificates can be issued globally and provide complete online identification and security for secure electronic transactions. It supports the core security requirements of Authentication, Authorization, Confidentiality, Data Integrity and Non-Repudiation .

  15. BS7799 BS7799 • BS7799 is the most widely recognised security standard in the world . Although it was originally published in the mid-nineties, it was the re-vision of May 1999 which really put it on to the world stage. Ultimately, it evolved into BS EN ISO17799 in December 2000. • BS 7799 (ISO17799) is comprehensive in its coverage of security issues, containing a significant number of control requirements. • Compliance with it is consequently a far from trivial task, even for the most security conscious of organizations.

  16. Certificate Application Certificate Application Process Process

  17. NGPP Host Certificate Registration/Issuance • Registration process – Applicant/Administrator (nominated) submits required documents to NGO (personally) on behalf of organisation • Application form (duly signed) • Photocopy of NRIC/Passport/Employment Pass (clear) • Letter of Authorization from organisation to authorise applicant to receive the host certificate (duly signed by dept. head) – NGO submits required documents to Netrust – Netrust CA issues enabling codes (a.k.a. Authorisation Code & Reference Number) • CA forwards 1 set of code to the applicant via email • CA forwards Reference Number to NGO via email • NGO informs applicant via phone/SMS – Applicant log-on to Netrust interface to submit CSR and codes – CA signs certificate and returns to applicant

  20. NGPP User Certificate Registration/Issuance • Registration process – User submits required documents to NGO (personally) • Application form (duly signed) • Photocopy of NRIC/Passport/Employment Pass (clear) • Letter of Authorization from organisation to certify that the applicant is an employee of the organisation – NGO submits required documents to Netrust – Netrust CA issues enabling codes (a.k.a. Authorisation Code & Reference Number) • CA forwards reference code to applicant via email • CA forwards authorisation code to applicant via pin-mailer – Applicant generates his/her own CSR and log-on to Netrust interface to submit CSR and codes – CA signs certificate and returns to applicant

  23. Certificate Lifetime & Certificate Lifetime & Revocation List (CRL) Revocation List (CRL) • Netrust certificates have a life of 5 years (flexible) – Considerations: cost, user generation experience, size of CRL • Netrust generates a new CRL every 24 hours • The CRL can be downloaded from http://netrustconnector.netrust.net/netrus t.crl

  24. Host Cert Info Host Cert Info • Issuer: C=SG, O=Netrust Certificate Authority 1, OU=Netrust CA1 Validity Not Before: Jun 6 01:19:13 2005 GMT Not After : Apr 19 16:00:00 2010 GMT Subject: C=SG, O=Netrust Certificate Authority 1, OU=Netrust CA1 (Server), OU=National Grid Pilot Platform, CN=machine.ngpp.ngp.org.sg

  25. User Cert Info User Cert Info • Issuer: C=SG, O=Netrust Certificate Authority 1, OU=Netrust CA1 Validity Not Before: Aug 5 07:39:04 2005 GMT Not After : Apr 25 16:00:00 2010 GMT Subject: C=SG, O=Netrust Certificate Authority 1, OU=Netrust CA1 (Corporate), OU=National Grid Pilot Platform, OU=National Grid Singapore, CN=TAN Ah Seng + serialNumber=SG- A1234567N:W:1,

  26. Points to Note Points to Note

  27. Certificates Issued Certificates Issued • Issued todate: – 16 User Certificates – 27 Host Certificates – None revoked (as yet) • To organisations in Singapore: – Bioinformatics Institute – Institute for High Performance Computing – Nanyang Technological University – National Grid Singapore – National University of Singapore • Updated list of issued certificates obtainable from Netrust

  28. Issues Faces/Lessons Learnt Issues Faces/Lessons Learnt • Documentation procedures – unclear photocopies of NRIC, illegible handwriting, & missing letter of authorizations • Retrieval of Certificates – wrong steps • Justification on relationship to Parent organization to use its domain name (IHPC, Nanyang Campus Grid, & SMA) – E.g. www.sma.nus.edu.sg, www.ihpc.nus.edu.sg

  29. Considerations Considerations • Cost of certificate • Type of certificates – Ownership: Organisation Certificate, User Certificate – Regeneration when keys are wrongly entered • Relaying authorisation code – NGO relays using SMS – Other ways?

  30. End End jonlau@ngp.org.sg www.ngpp.ngp.org.sg

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NAREGI CA Updates NAREGI CA Updates st F2F Meeting in Beijing APGrid PMA 1 st - APGrid PMA 1 -

NAREGI CA Updates NAREGI CA Updates st F2F Meeting in Beijing APGrid PMA 1 st - APGrid PMA 1 -

NAREGI CA Updates NAREGI CA Updates st F2F Meeting in Beijing APGrid PMA 1 st - APGrid PMA 1 - F2F Meeting in Beijing - - Masataka Kanamori (kanamori@grid.nii.ac.jp) Center for Grid Research and Development, National Institute of Informatics

598 views • 8 slides
Recent activities on building a production Grid in the Asia Pacific Region - PRAGMA routine-basis

Recent activities on building a production Grid in the Asia Pacific Region - PRAGMA routine-basis

Recent activities on building a production Grid in the Asia Pacific Region - PRAGMA routine-basis experiments - APGrid PMA and the IGTF - Yoshio Tanaka (yoshio.tanaka@aist.go.jp yoshio.tanaka@aist.go.jp) ) Yoshio Tanaka ( APGrid PMA,

253 views • 9 slides
1 st APGrid PMA meeting Nov. 29, 2005 Yoshio Tanaka (yoshio.tanaka@aist.go.jp

1 st APGrid PMA meeting Nov. 29, 2005 Yoshio Tanaka (yoshio.tanaka@aist.go.jp

1 st APGrid PMA meeting Nov. 29, 2005 Yoshio Tanaka (yoshio.tanaka@aist.go.jp yoshio.tanaka@aist.go.jp) ) Yoshio Tanaka ( Grid Technology Research Center, Grid Technology Research Center, AIST, Japan Japan AIST, National Institute of

362 views • 5 slides
Recent Activities on I nternational Grid Trust Federation Yoshio Tanaka (yoshio. tanaka@aist. go.

Recent Activities on I nternational Grid Trust Federation Yoshio Tanaka (yoshio. tanaka@aist. go.

Recent Activities on I nternational Grid Trust Federation Yoshio Tanaka (yoshio. tanaka@aist. go. jp yoshio. tanaka@aist. go. jp) ) Yoshio Tanaka ( APGrid PMA, Chair PMA, Chair APGrid Grid Technology Research Center, Grid Technology

255 views • 22 slides
AIST GRID CA Updates APGrid PMA meeting, Nov. 29, 2005 Yoshio Tanaka (yoshio.tanaka@aist.go.jp

AIST GRID CA Updates APGrid PMA meeting, Nov. 29, 2005 Yoshio Tanaka (yoshio.tanaka@aist.go.jp

AIST GRID CA Updates APGrid PMA meeting, Nov. 29, 2005 Yoshio Tanaka (yoshio.tanaka@aist.go.jp yoshio.tanaka@aist.go.jp) ) Yoshio Tanaka ( Grid Technology Research Center, Grid Technology Research Center, AIST, Japan Japan AIST, National

256 views • 13 slides
HUD Office of Housing Counseling Network Agency Eligibility and Evaluation for Intermediary

HUD Office of Housing Counseling Network Agency Eligibility and Evaluation for Intermediary

HUD Office of Housing Counseling Network Agency Eligibility and Evaluation for Intermediary Organizations, State Housing Finance Agencies, and Multi State Organizations Oversight of Networks Webinar Series October 21, 2015 Welcome Lorraine

760 views • 42 slides
Consistency-Aware Durability Aishwarya Ganesan, Ram Alagappan, Andrea Arpaci-Dusseau, and Remzi

Consistency-Aware Durability Aishwarya Ganesan, Ram Alagappan, Andrea Arpaci-Dusseau, and Remzi

Strong and Efficient Consistency with Consistency-Aware Durability Aishwarya Ganesan, Ram Alagappan, Andrea Arpaci-Dusseau, and Remzi Arpaci-Dusseau Distributed Storage Systems 2 Consistency Models in Distributed Systems 3 Consistency Models

2.06k views • 177 slides
Lattice coverings Mathieu Dutour Sikiri c Rudjer Bo skovi c Institute, Croatia April

Lattice coverings Mathieu Dutour Sikiri c Rudjer Bo skovi c Institute, Croatia April

Lattice coverings Mathieu Dutour Sikiri c Rudjer Bo skovi c Institute, Croatia April 13, 2018 I. Introduction Lattice coverings A lattice L R n is a set of the form L = Z v 1 + + Z v n . A covering is a family of

1.12k views • 34 slides
Hierarchical Real Time Garbage Collection Filip Pizlo , Antony Hosking, Jan Vitek (Purdue &

Hierarchical Real Time Garbage Collection Filip Pizlo , Antony Hosking, Jan Vitek (Purdue &

Hierarchical Real Time Garbage Collection Filip Pizlo , Antony Hosking, Jan Vitek (Purdue & MSR, Purdue, Purdue & TJ Watson) LCTES 2007 San Diego, CA Real Time Java (RTJ) is a growing technology for developing robust,

762 views • 64 slides
Workshop 50 FSS/FSR 50 SW/JA Disclaimer O These slides are intended as a reference point only

Workshop 50 FSS/FSR 50 SW/JA Disclaimer O These slides are intended as a reference point only

Private Organization Workshop 50 FSS/FSR 50 SW/JA Disclaimer O These slides are intended as a reference point only and should not be considered advice on any particular situation. If you have specific questions relating to your private

527 views • 31 slides
Board of Visitors Finance Committee Meeting September 14, 2017 Agenda ACTION ITEMS TION ITEMS

Board of Visitors Finance Committee Meeting September 14, 2017 Agenda ACTION ITEMS TION ITEMS

Board of Visitors Finance Committee Meeting September 14, 2017 Agenda ACTION ITEMS TION ITEMS 1. Signatory Authority Related to Change in Group Purchasing Organization 2. Signatory Authority for Contracts Related to Security

560 views • 51 slides
CSE 473: Artificial Intelligence Winter 2017 Expectimax Search Steve Tanimoto Most of these

CSE 473: Artificial Intelligence Winter 2017 Expectimax Search Steve Tanimoto Most of these

CSE 473: Artificial Intelligence Winter 2017 Expectimax Search Steve Tanimoto Most of these slides originate from from : Dan Klein and Pieter Abbeel, Uncertain Outcomes Worst-Case vs. Average Case max min 10 10 9 100 Idea: Uncertain

475 views • 44 slides
Studies of hadronic B decays at LHCb Neus Lopez March for the LHCb collaboration 1 Outline

Studies of hadronic B decays at LHCb Neus Lopez March for the LHCb collaboration 1 Outline

Studies of hadronic B decays at LHCb Neus Lopez March for the LHCb collaboration 1 Outline Motivation Recent results on branching fractions measurements B + D +s : annihilation diagram, sensitive to new physics Double charm

682 views • 25 slides
Cosmic Background suppression for a NuMI electron-neutrino cross- section measurement in

Cosmic Background suppression for a NuMI electron-neutrino cross- section measurement in

Cosmic Background suppression for a NuMI electron-neutrino cross- section measurement in MicroBooNE Colton Hill on behalf of the MicroBooNE Collaboration New Perspectives 5 June 2017 Motivation - Why do we care about e ? MiniBooNE Low

419 views • 17 slides
Specifying Workflows Lance M Evans Cray Inc, 2016-05-03 Typical I/O Subsystem Customer

Specifying Workflows Lance M Evans Cray Inc, 2016-05-03 Typical I/O Subsystem Customer

Specifying Workflows Lance M Evans Cray Inc, 2016-05-03 Typical I/O Subsystem Customer Workflow Specifications Every workflow is unique Each vertical market is similar within (but never identical) Storage and I/O are called out when

207 views • 9 slides
The Ground Myth Dr. Bruce Archambeault IBM Distinguished Engineer IEEE Fellow IBM

The Ground Myth Dr. Bruce Archambeault IBM Distinguished Engineer IEEE Fellow IBM

The Ground Myth Dr. Bruce Archambeault IBM Distinguished Engineer IEEE Fellow IBM Research Triangle Park, NC Barch@us.ibm.com October 2007 IEEE IEEE Outline Electromagnetics Skin Effect Inductance Ground

1.54k views • 105 slides
Scalable Dynamic Analysis of Large Linear Systems Parasara Sridhar Duggirala Joint Work Mahesh

Scalable Dynamic Analysis of Large Linear Systems Parasara Sridhar Duggirala Joint Work Mahesh

Scalable Dynamic Analysis of Large Linear Systems Parasara Sridhar Duggirala Joint Work Mahesh Viswanathan UIUC Stanley Bak - AFRL P. S. Duggirala, M. Viswanathan. Parsimonous , Simulation Based Verification of Linear Systems

972 views • 93 slides
Tuomas Savolainen Max-Planck-Institut fr Radioastronomie Agudo Aller Aller Angelakis

Tuomas Savolainen Max-Planck-Institut fr Radioastronomie Agudo Aller Aller Angelakis

Tuomas Savolainen Max-Planck-Institut fr Radioastronomie Agudo Aller Aller Angelakis Arshakian Biermann Blandford Boeck Boettcher Britzen Chang Cheung D'Ammando Finke Fromm Fuhrmann Gabanyi Gasparrini Giovannini Giroletti

515 views • 33 slides
SMB3 Extensions for Low Latency Tom Talpey Microsoft May 12, 2016 Problem Statement

SMB3 Extensions for Low Latency Tom Talpey Microsoft May 12, 2016 Problem Statement

SMB3 Extensions for Low Latency Tom Talpey Microsoft May 12, 2016 Problem Statement Storage Class Memory A new, disruptive class of storage Nonvolatile medium with RAM-like performance Low latency, high throughput, high

519 views • 36 slides
Science with nano-satellites: BRITE-Constellation Andrzej Pigulski Astronomical Ins6tute

Science with nano-satellites: BRITE-Constellation Andrzej Pigulski Astronomical Ins6tute

Science with nano-satellites: BRITE-Constellation Andrzej Pigulski Astronomical Ins6tute University of Wrocaw, Poland Understanding the roles of rota0on, pulsa0on and chemical peculiari0es in the upper main sequence, Lake District, Cumbria,

717 views • 36 slides
Analysing Temporally Annotated Corpora with CAVaT Temporal Annotation What to annotate?

Analysing Temporally Annotated Corpora with CAVaT Temporal Annotation What to annotate?

Analysing Temporally Annotated Corpora with CAVaT Temporal Annotation What to annotate? Events and time expressions (intervals) Temporal, aspectual and subordinate links between intervals Signals that indicate recurrence or temporal

719 views • 17 slides
Open Access Inf rast ruct ures f or European Research Natalia Manola University of Athens

Open Access Inf rast ruct ures f or European Research Natalia Manola University of Athens

Open Access Inf rast ruct ures f or European Research Natalia Manola University of Athens Department of Informatics & Telecommunications TERENA meeting: GRNET Academic Media Casting workshop, Athens March 18, 2010 Open Access - Research

179 views • 14 slides
Memory Management in C Memory Management in C Personal Software Engineering Personal Software

Memory Management in C Memory Management in C Personal Software Engineering Personal Software

Memory Management in C Memory Management in C Personal Software Engineering Personal Software Engineering Memory Organization Memory Organization The call stack grows from the The call stack grows from the Function Call The top of

364 views • 12 slides
Lecture 11.2 MPI EN 600.320/420 Instructor: Randal Burns 6 March 2018 Department of Computer

Lecture 11.2 MPI EN 600.320/420 Instructor: Randal Burns 6 March 2018 Department of Computer

Lecture 11.2 MPI EN 600.320/420 Instructor: Randal Burns 6 March 2018 Department of Computer Science, Johns Hopkins University MPI MPI = Message Passing Interface Message passing parallelism Cluster computing (no shared memory)

355 views • 9 slides

More recommend