NATIONAL CENTRE FOR PHYSICS PK-Grid-CA - PowerPoint PPT Presentation

About This Presentation
Title:

NATIONAL CENTRE FOR PHYSICS PK-Grid-CA

Description:

Detector Construction. R&D related to Gaseous detectors. Physics ... C=PK, O=NCP, O=People, OU= UNIT , CN= FULL NAME , EMAIL= EMAIL ADDRESS Host Certificate ... – PowerPoint PPT presentation

Number of Views:28
Avg rating:3.0/5.0
Slides: 24
Provided by: usma9
Category:

less

Transcript and Presenter's Notes

Title: NATIONAL CENTRE FOR PHYSICS PK-Grid-CA


1
NATIONAL CENTRE FOR PHYSICSPK-Grid-CA
  • Mehnaz Hafeez
  • Usman Ahmad Malik
  • Sajjad Asghar
  • Advanced Scientific Computing
  • National Centre for Physics

2
Layout
  • Introduction
  • Procedural Security
  • Physical Security
  • Technical Security
  • Related Information
  • Contact Information

3
Introduction
  • In 1976, 1st International Nathiagali Summer
    College was organized by Prof. Salam.
  • It was his proposal that eventually this activity
    should be transformed into a Centre for Physics
  • The Nucleating Centre was established in 1994.
  • Finally in 1999, the Centre was established on
    Campus of Quaid-I-Azam University.

4
National Centre for Physics
  • NCP is funded by the Government of Pakistan.
  • It is a National Centre, so we are open to all
    universities in Pakistan.
  • The purpose of the Centre is to promote basic
    research in Physics and to break the scientific
    isolation of physicists of Pakistan.

5
National Centre for Physics
  • Prof. Riazuddin is the Director of NCP.
  • We have
  • Board of Governors
  • Scientific Council
  • The Centre has established number of National and
    International Collaborations
  • Abdus Salam ICTP
  • European Organization for Nuclear Research

6
National Centre for Physics
  • We organize Workshops, Conferences and Symposia.
  • International Nathiagali Summer College
  • 28.06.2004 12.07.2004
  • http//ncp.edu.edu.pk/insc
  • International Bhurban Conference
  • 07.06.2004 12.06.2004
  • http//ibcast.org.pk
  • Workshop on Particle Physics (March every year)
  • Workshop on Advanced Scientific Computing
    (October every year)

7
National Centre for Physics
  • The Centre is visitor oriented like ICTP.
  • Small permanent staff.
  • Faculty members 06
  • Students 12
  • Support Staff 06
  • Flagship activity is research in High-Energy
    Physics, both theory and experiment.

8
National Centre for Physics
  • NCP CERN Collaboration
  • Detector Simulation and Studies
  • Detector Construction
  • RD related to Gaseous detectors
  • Physics Data Analysis
  • Computing for LHC
  • More information http//www.ncp.edu.pk

9
PK-Grid-CA
  • The PK-Grid-CA is established and managed by
    National Centre for Physics in Pakistan.
  • It provides X.509 certificate to support the
    secure environment in grid related projects.

10
Procedural Security
  • End Entity and Certificate Type
  • Identification and Authentication
  • Certificate Request
  • Certificate Revocation
  • Records Archival

11
End Entity and Certificate Type
  • End Entities
  • NCP Working partners in Domestic/International
    Grid-based Application/Projects.
  • Certificate Type
  • User Certificate
  • CPK, ONCP, OPeople, OUltUNITgt,
  • CNltFULL NAMEgt, EMAILltEMAIL ADDRESSgt
  • Host Certificate
  • CPK, ONCP, OHost, OUltUNITgt, CNltFQDNgt

12
Identification and Authentication
  • User Certificate
  • The subject must personally contact the CA/RA
    staff in order to verify identity and the
    validity of the request.
  • The subject authentication is performed through
    the presentation of a valid official
    identification document passport national
    identity card.
  • Host Certificate
  • Requests must be signed with the personal
    PK-Grid-CA certificate.

13
Certificate Request
  • On-line Request
  • The subject can request for a host or user
    certificate on-line at http//ncp.edu.pk/pk-grid-c
    a
  • Off-Line Request
  • The subject can generate his key pair on his
    machine through OpenSSL commands.
  • The subject has to send his public key through
    an encrypted email at pkgrid-ca_at_ncp.edu.pk

14
Certificate Revocation
  • The subject of the certificate has ceased his
    relation with the PK- Grid projects.
  • The subject does not require the certificate any
    more
  • The private key has been lost or is suspected to
    be compromised.
  • The information in the certificate is wrong or
    inaccurate.
  • The system to which the certificate has been
    issued has been retired.
  • The subject has failed to comply with the rules
    of this policy.

15
Procedure for Revocation Request
  • The person requesting the revocation of
    certificate must authenticate himself by
  • Sending a signed e-mail to the PK-Grid-CA/RA
  • pkgrid-ca_at_ncp.edu.pk
  • If this is not possible the CA/RA must be
    contacted directly. Authentication can be
    performed with the same procedure used to
    authenticate the identity of person.

16
Records Archival
  • PK-Grid-CA must record and archive
  • All requests for certificates
  • All issued certificates
  • All requests for revocation
  • All issued CRLs
  • Boots and shutdowns of the equipment
  • Interactive system logins
  • All archive data is stored and backed-up in
    safekeeping.
  • The retention period for archives is three years.

17
Physical Security
  • The PK-Grid-CA issuing machine is
  • A dedicated machine.
  • Not connected to any network.
  • Located in a secure environment only accessible
    by PK-Grid-CA administrator.

18
Technical Security
  • Key Generation
  • Key Restriction
  • Certificate Restriction
  • CRL Policy

19
Key Generation
  • Private key is generated by browsers on the
    users machine.
  • CA and RA will never generate private key on
    users behalf.
  • CA and RA have no access to the users private
    key.

20
Key Restriction
  • Key Length
  • PK-Grid-CA private key is 2048 bits.
  • User private key must have 1024 bits.
  • Host private key must has 1024 bits.
  • Pass phrase
  • The pass phrase of PK-Grid-CAs private key is at
    least 15 characters.
  • The pass phrase of end entitys private key is at
    minimum 8 characters.
  • Protecting the pass phrase from others.

21
Certificate Restriction
  • Certificate Lifetime for
  • Validity of PK-Grid-CA certificate is five (5)
    years.
  • User certificate is issued for one (1) year.
  • Host certificate is issued for one (1) year.
  • Certificate should not be shared.

22
Certificate Revocation List (CRL) Policy
  • The lifetime of CRL is 23 days.
  • CRL is updated immediately after every
    certificate revocation.
  • CRL is reissued 7 days before expiration even if
    there have been no revocations.

23
Related Information
  • Homepage
  • http//www.ncp.edu.pk
  • CP/CPS
  • Latest version 1.3.6.1.4.1.19323.1.1.1.3
  • Follows the RFC 2527 structure
  • Available at http// www.ncp.edu.pk/pk-grid-ca
  • PK-Grid-CA certificate
  • Available at http// www.ncp.edu.pk/pk-grid-ca
  • CRL
  • Available at http// www.ncp.edu.pk/pk-grid-ca

24
Contact Information
  • Sajjad Asghar
  • Phone (92-51) 2273545
  • Fax (92-51) 9205753
  • Email sajjad_at_ncp.edu.pk
  • Address National Centre for Physics,
  • Quaid-I-Azam University,
  • Islamabad 45320,
  • Pakistan.
  • Usman Ahmad Malik
  • Phone (92-51) 2273545
  • Fax (92-51) 9205753
  • Email usman_at_ncp.edu.pk
  • Address National Centre for Physics,
  • Quaid-I-Azam University,
  • Islamabad 45320,
  • Pakistan.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "NATIONAL CENTRE FOR PHYSICS PK-Grid-CA" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!