logging in or signing up APGridPMA EU 200605 Pravez Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 31 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: October 10, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Updates of the APGrid PMA: Updates of the APGrid PMA Yoshio Tanaka APGrid PMA, Chair Grid Technology Research Center, AIST, JapanAPGridPMA: Members: APGridPMA: MembersGeographical locations (except US and AU): Geographical locations (except US and AU)APGrid CAs (accredited, 1/3): APGrid CAs (accredited, 1/3) Australia APACGrid CA Accredited in Nov. 2005 Started the operation in Feb. 2006 Audited in March 2006 David Bannon, Graham Jenkins, Chris Kendrick Issues certificates for LCG China IHEP CA Accredited in May 2005 (already in operation) Audited in December 2005 profile of the root cert. has been changed Gongxing Sun, Gang Chen, Fan HuaXiang Issues certificates for LCG CNIC / SDG CA Accredited in Dec. 2005. Not yet in operation Going to launch a new CA hierarchical CA need to be accredited again Kai Nan, Morrise Xu, APGrid CAs (accredited, 2/3): APGrid CAs (accredited, 2/3) Japan AIST GRID CA Accredited in Sep. 2004 Started the operation in March 2005 Audited in March 2005 Yoshio Tanaka, + 5 staffs NAREGI CA Accredited in Nov. 2005 Started the operation in Feb. 2006 Not yet audited Masataka Kanamori, + 4 staffs KEK Grid CA Accredited in Jan. 2006 Started the operation in Feb. 2006 Not yet audited Takashi Sasaki, + 2~3 staffs Issues certificates for LCGAPGrid CAs (accredited, 3/3): APGrid CAs (accredited, 3/3) Korea KISTI GRID CA Accredited in Aug. 2004. (already in operation) Not yet audited Sangwan Kim, Jae-hyuck Kwak Issues certificates for LCG Taiwan ASGCC CA Operated by Academia Sinica Grid Computing Center Accredited in Sep. 2004. (already in operation) Audited in Aug. 2005 Eric Yen, C.C. Chang, + 1~2 operators Issues certificates for LCG NCHC Grid CA Operated by National Cener for High-performance Computing Accredited in Feb. 2006 Not yet in operation Alex Wu, Weicheng Huang, + 1~2 operators APGrid CAs (under review, planned): APGrid CAs (under review, planned) Singapore NGO CA will be operated by National Grid Office and Netrust Inc. CP/CPS under review will issue certificates for LCG Thailand NECTEC CA will be operated by National Electronics and Computer Technology Center drafting CP/CPS Thai National Grid Center (will be accredited as a new member) will be operated by Thai National Grid Center drafting CP/CPS USA PRAGMA CA will be operated by SDSC planning to be a catch-all CA for PRAGMA members drafting CP/CPSAPGrid CAs (general membership): APGrid CAs (general membership) China Univ. of Hong Kong India Univ. of Hyderabad Japan Osaka Univ. Malaysia Univ. Sains MalaysiaAPGridPMA: Status & Activities: APGridPMA: Status & Activities Accreditation of CAs 9 accredited CAs AIST, APAC, ASGCC, CNIC, IHEP, KEK, KISTI, NAREGI, NCHC 7 CAs are in operation CNIC/SDG will change the structure and will be re-accredited Audit AIST, APAC, ASGCC, IHEP have been audited by the other CAs. Regular (monthly) VTC. Brief status reports of each CA In-depth report of a CA Decisions Examination for accreditation of a CA Approval of charter, minimum CA requirements, etc. Open discussions (physical) face-to-face meeting (at least) once per year. 1st face-to-face meeting was in Dec. 2005, Beijing. 2nd meeting will be in Oct. 15, 2006, Osaka, Japan.Some Updates: Some Updates Next chair Yoshio Tanaka (continue) CA Monitoring page using Nagios http://www.apgridpma.org/nagios/ Shows status of all IGTF-accredited CAs Modified script (read configuration from .info file) Next F2F meeting October 15, Osaka, Japan (co-located with PRAGMA Workshop)Some Updates (cont’d): Some Updates (cont’d) Issues to be discussed Accreditation of NGO/Netrust CA Some information are confidential Too short validity period of CRL Netrust CA agreed with disclosing audit report to the APGrid PMA auditors Accreditation of CNIC/SDG CA hierarchical CA IGTF CA distribution from the APGrid PMA Will need to limit the number of CAs per region Japanese universities will build UPKI China has some national/international Grid project Need to consider hierarchical structure of PMAs Proposed audit items: Proposed audit items NAREGI PKI WG has subjectively selected criteria for auditing Grid CAs. based on AICPA/CICA WebTrustSM/TM Program for Certification Authority minimum CA requirements of APGrid PMA and EUGrid PMA Web Trust WebTrust is a seal awarded to web sites that consistently adhere to certain business standards established by the Canadian Institute of Chartered Accountants (CICA.ca) and the American Institute of Certified Public Accountants (AICPA). In the program, “Web Trust Principles and Criteria for Certification Authorities” lists criteria for CAs. may too much for Grid CAs.Audit checklist: Audit checklist Simply pickup items from WebTrustSM/TM criteria based on minimum CA requirements. The number of criteria:Rough procedures for auditing: Rough procedures for auditing Pre examination (few days) Review all available documents CP/CPS, User’s manual, Operational manual, CRL, CA Certificate, etc. Prepare score sheet Main examination (half day) Interview to CA staffs Detailed flow of identifying end entities and issuing certificates How accesses to the CA private key is controlled Inspection of equipments CA server, CA room, backup media, archived logs, a safe box, etc. Post examination (half day) Draft and send an audit report The audited CA is requested to send a report on plans for the improvements in 1 week You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
APGridPMA EU 200605 Pravez Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINTLite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 31 Category: Entertainment License: All Rights Reserved Like it (0) Dislike it (0) Added: October 10, 2007 This Presentation is Public Favorites: 0 Presentation Description No description available. Comments Posting comment... Premium member Presentation Transcript Updates of the APGrid PMA: Updates of the APGrid PMA Yoshio Tanaka APGrid PMA, Chair Grid Technology Research Center, AIST, JapanAPGridPMA: Members: APGridPMA: MembersGeographical locations (except US and AU): Geographical locations (except US and AU)APGrid CAs (accredited, 1/3): APGrid CAs (accredited, 1/3) Australia APACGrid CA Accredited in Nov. 2005 Started the operation in Feb. 2006 Audited in March 2006 David Bannon, Graham Jenkins, Chris Kendrick Issues certificates for LCG China IHEP CA Accredited in May 2005 (already in operation) Audited in December 2005 profile of the root cert. has been changed Gongxing Sun, Gang Chen, Fan HuaXiang Issues certificates for LCG CNIC / SDG CA Accredited in Dec. 2005. Not yet in operation Going to launch a new CA hierarchical CA need to be accredited again Kai Nan, Morrise Xu, APGrid CAs (accredited, 2/3): APGrid CAs (accredited, 2/3) Japan AIST GRID CA Accredited in Sep. 2004 Started the operation in March 2005 Audited in March 2005 Yoshio Tanaka, + 5 staffs NAREGI CA Accredited in Nov. 2005 Started the operation in Feb. 2006 Not yet audited Masataka Kanamori, + 4 staffs KEK Grid CA Accredited in Jan. 2006 Started the operation in Feb. 2006 Not yet audited Takashi Sasaki, + 2~3 staffs Issues certificates for LCGAPGrid CAs (accredited, 3/3): APGrid CAs (accredited, 3/3) Korea KISTI GRID CA Accredited in Aug. 2004. (already in operation) Not yet audited Sangwan Kim, Jae-hyuck Kwak Issues certificates for LCG Taiwan ASGCC CA Operated by Academia Sinica Grid Computing Center Accredited in Sep. 2004. (already in operation) Audited in Aug. 2005 Eric Yen, C.C. Chang, + 1~2 operators Issues certificates for LCG NCHC Grid CA Operated by National Cener for High-performance Computing Accredited in Feb. 2006 Not yet in operation Alex Wu, Weicheng Huang, + 1~2 operators APGrid CAs (under review, planned): APGrid CAs (under review, planned) Singapore NGO CA will be operated by National Grid Office and Netrust Inc. CP/CPS under review will issue certificates for LCG Thailand NECTEC CA will be operated by National Electronics and Computer Technology Center drafting CP/CPS Thai National Grid Center (will be accredited as a new member) will be operated by Thai National Grid Center drafting CP/CPS USA PRAGMA CA will be operated by SDSC planning to be a catch-all CA for PRAGMA members drafting CP/CPSAPGrid CAs (general membership): APGrid CAs (general membership) China Univ. of Hong Kong India Univ. of Hyderabad Japan Osaka Univ. Malaysia Univ. Sains MalaysiaAPGridPMA: Status & Activities: APGridPMA: Status & Activities Accreditation of CAs 9 accredited CAs AIST, APAC, ASGCC, CNIC, IHEP, KEK, KISTI, NAREGI, NCHC 7 CAs are in operation CNIC/SDG will change the structure and will be re-accredited Audit AIST, APAC, ASGCC, IHEP have been audited by the other CAs. Regular (monthly) VTC. Brief status reports of each CA In-depth report of a CA Decisions Examination for accreditation of a CA Approval of charter, minimum CA requirements, etc. Open discussions (physical) face-to-face meeting (at least) once per year. 1st face-to-face meeting was in Dec. 2005, Beijing. 2nd meeting will be in Oct. 15, 2006, Osaka, Japan.Some Updates: Some Updates Next chair Yoshio Tanaka (continue) CA Monitoring page using Nagios http://www.apgridpma.org/nagios/ Shows status of all IGTF-accredited CAs Modified script (read configuration from .info file) Next F2F meeting October 15, Osaka, Japan (co-located with PRAGMA Workshop)Some Updates (cont’d): Some Updates (cont’d) Issues to be discussed Accreditation of NGO/Netrust CA Some information are confidential Too short validity period of CRL Netrust CA agreed with disclosing audit report to the APGrid PMA auditors Accreditation of CNIC/SDG CA hierarchical CA IGTF CA distribution from the APGrid PMA Will need to limit the number of CAs per region Japanese universities will build UPKI China has some national/international Grid project Need to consider hierarchical structure of PMAs Proposed audit items: Proposed audit items NAREGI PKI WG has subjectively selected criteria for auditing Grid CAs. based on AICPA/CICA WebTrustSM/TM Program for Certification Authority minimum CA requirements of APGrid PMA and EUGrid PMA Web Trust WebTrust is a seal awarded to web sites that consistently adhere to certain business standards established by the Canadian Institute of Chartered Accountants (CICA.ca) and the American Institute of Certified Public Accountants (AICPA). In the program, “Web Trust Principles and Criteria for Certification Authorities” lists criteria for CAs. may too much for Grid CAs.Audit checklist: Audit checklist Simply pickup items from WebTrustSM/TM criteria based on minimum CA requirements. The number of criteria:Rough procedures for auditing: Rough procedures for auditing Pre examination (few days) Review all available documents CP/CPS, User’s manual, Operational manual, CRL, CA Certificate, etc. Prepare score sheet Main examination (half day) Interview to CA staffs Detailed flow of identifying end entities and issuing certificates How accesses to the CA private key is controlled Inspection of equipments CA server, CA room, backup media, archived logs, a safe box, etc. Post examination (half day) Draft and send an audit report The audited CA is requested to send a report on plans for the improvements in 1 week