The Trusted Network
LEFIS PKI
2nd June, 2006 · Sofia
by Leonardo Catalinas · May 2006
Internet security today
The simplest authentication methods and unprotected data traffic imply:
✗ Poor user confidentiality
✗ Poorly verified user identity
✗ Unverified data integrity
What can we do?
Well-authenticated access to resources
Digital signature
Private access, which prevents unrelated people from spying on members' actions
Tools
Use of public key technologies to increase security
Our own PKI
✔ Open Source Software
✔ Interoperability
✔ Cross CA
✔ Secure and identified web access
✔ Signed documents
✔ Signed e-mail
PKI Design
Trust based on the APTICE CA
Hierarchical
Permits building multiple PKIs
Capable of recognizing other PKIs
Cross Certification between PKIs
[Diagram: The LEFIS PKI. Elements: APTICE Certification Authority (lays the trust base), LEFIS Subordinated CA, LEFIS PKI, ORG1 PKI, ORG2 PKI, LEFIS Registration Authorities. Arrow labels: signs, delegates, manages, Used, Trust.]
PKI Enrollment
But how do you get a LEFIS certificate?
✔ PDF guide in English
✔ CSR Generation Adv.
✔ Easy Web Interface
✔ Local Keys Generation
✔ Platform independent
LEFIS_MAN_EN_ENROLL_LEFIS_PKI.pdf
LEFIS Web Site Aims
Moodle
• Is a ‘CMS’
• WG Activities Support
• User’s communication
• Dynamic contents
• Workshops
• Tasks
• Wiki
Public Side (Informative)
Private Side (for validated members)
LEFIS' Innovative idea
Moodle + PKI = MoodlePKI
✔ An extension designed and developed by ourselves
✔ Makes Moodle able to identify users by their certificates
✔ Certificates can be easily obtained on our PKI public web page
✔ We plan to recognize certificates signed by other PKIs or CAs
Accessing the LEFIS Web Page with a Digital Certificate