Updates of the APGrid PMA - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

Updates of the APGrid PMA

Description:

National Institute of Advanced Industrial Science and Technology. Updates of the APGrid PMA ... Gongxing Sun, Gang Chen, Fan HuaXiang. Issues certificates for ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 15
Provided by: yos44
Category:

less

Transcript and Presenter's Notes

Title: Updates of the APGrid PMA


1
Updates of the APGrid PMA
  • Yoshio Tanaka
  • APGrid PMA, Chair
  • Grid Technology Research Center,
  • AIST, Japan

2
APGridPMA Members
Affiliation Name Production CA Experimental CA
AIST / Japan Yoshio Tanaka in operation in operation (limited use)
ASCC / Taiwan Eric Yen in operation none
KISTI / Korea Sangwan Kim in operation none
CNIC/SDG / China Kai Nan under review in operation
IHEP / China Gonxing Sun in operation none
APAC/Australia David Bannon in operation will close
NAREGI/Japan Masataka Kanamori in operation closed
NCHC / Taiwan Tsung-Ying Wu accredited in operation (limited use)
SDSC(PRAGMA) / USA Mason Katz planning planning
NECTEC / Thailand Sornthep Vannarat Planning in operation
NGO / Singapore Jon Lau under review none
KEK / Japan Takashi Sasaki in operation will close
HKU / HongKong Chen Lin, Elaine no plan in operation
U of Hyd / India Arun Agarwal no plan in operation
USM / Malaysia Boon Yaik no plan in operation
Osaka U / Japan Susumu Date planning in operation
3
Geographical locations (except US and AU)
4
APGrid CAs (accredited, 1/3)
  • Australia
  • APACGrid CA
  • Accredited in Nov. 2005
  • Started the operation in Feb. 2006
  • Audited in March 2006
  • David Bannon, Graham Jenkins, Chris Kendrick
  • Issues certificates for LCG
  • China
  • IHEP CA
  • Accredited in May 2005 (already in operation)
  • Audited in December 2005
  • profile of the root cert. has been changed
  • Gongxing Sun, Gang Chen, Fan HuaXiang
  • Issues certificates for LCG
  • CNIC / SDG CA
  • Accredited in Dec. 2005.
  • Not yet in operation
  • Going to launch a new CA
  • hierarchical CA

5
APGrid CAs (accredited, 2/3)
  • Japan
  • AIST GRID CA
  • Accredited in Sep. 2004
  • Started the operation in March 2005
  • Audited in March 2005
  • Yoshio Tanaka, 5 staffs
  • NAREGI CA
  • Accredited in Nov. 2005
  • Started the operation in Feb. 2006
  • Not yet audited
  • Masataka Kanamori, 4 staffs
  • KEK Grid CA
  • Accredited in Jan. 2006
  • Started the operation in Feb. 2006
  • Not yet audited
  • Takashi Sasaki, 23 staffs
  • Issues certificates for LCG

6
APGrid CAs (accredited, 3/3)
  • Korea
  • KISTI GRID CA
  • Accredited in Aug. 2004. (already in operation)
  • Not yet audited
  • Sangwan Kim, Jae-hyuck Kwak
  • Issues certificates for LCG
  • Taiwan
  • ASGCC CA
  • Operated by Academia Sinica Grid Computing Center
  • Accredited in Sep. 2004. (already in operation)
  • Audited in Aug. 2005
  • Eric Yen, C.C. Chang, 12 operators
  • Issues certificates for LCG
  • NCHC Grid CA
  • Operated by National Cener for High-performance
    Computing
  • Accredited in Feb. 2006
  • Not yet in operation
  • Alex Wu, Weicheng Huang, 12 operators

7
APGrid CAs (under review, planned)
  • Singapore
  • NGO CA
  • will be operated by National Grid Office and
    Netrust Inc.
  • CP/CPS under review
  • will issue certificates for LCG
  • Thailand
  • NECTEC CA
  • will be operated by National Electronics and
    Computer Technology Center
  • drafting CP/CPS
  • Thai National Grid Center (will be accredited as
    a new member)
  • will be operated by Thai National Grid Center
  • drafting CP/CPS
  • USA
  • PRAGMA CA
  • will be operated by SDSC
  • planning to be a catch-all CA for PRAGMA members
  • drafting CP/CPS

8
APGrid CAs (general membership)
  • China
  • Univ. of Hong Kong
  • India
  • Univ. of Hyderabad
  • Japan
  • Osaka Univ.
  • Malaysia
  • Univ. Sains Malaysia

9
APGridPMA Status Activities
  • Accreditation of CAs
  • 9 accredited CAs
  • AIST, APAC, ASGCC, CNIC, IHEP, KEK, KISTI,
    NAREGI, NCHC
  • 7 CAs are in operation
  • CNIC/SDG will change the structure and will be
    re-accredited
  • Audit
  • AIST, APAC, ASGCC, IHEP have been audited by the
    other CAs.
  • Regular (monthly) VTC.
  • Brief status reports of each CA
  • In-depth report of a CA
  • Decisions
  • Examination for accreditation of a CA
  • Approval of charter, minimum CA requirements,
    etc.
  • Open discussions
  • (physical) face-to-face meeting (at least) once
    per year.
  • 1st face-to-face meeting was in Dec. 2005,
    Beijing.
  • 2nd meeting will be in Oct. 15, 2006, Osaka,
    Japan.

10
Some Updates
  • Next chair
  • Yoshio Tanaka (continue)
  • CA Monitoring page using Nagios
  • http//www.apgridpma.org/nagios/
  • Shows status of all IGTF-accredited CAs
  • Modified script (read configuration from .info
    file)
  • Next F2F meeting
  • October 15, Osaka, Japan (co-located with PRAGMA
    Workshop)

11
Some Updates (contd)
  • Issues to be discussed
  • Accreditation of NGO/Netrust CA
  • Some information are confidential
  • Too short validity period of CRL
  • Netrust CA agreed with disclosing audit report to
    the APGrid PMA auditors
  • Accreditation of CNIC/SDG CA
  • hierarchical CA
  • IGTF CA distribution from the APGrid PMA
  • Will need to limit the number of CAs per region
  • Japanese universities will build UPKI
  • China has some national/international Grid
    project
  • Need to consider hierarchical structure of PMAs

12
Proposed audit items
  • NAREGI PKI WG has subjectively selected criteria
    for auditing Grid CAs.
  • based on
  • AICPA/CICA WebTrustSM/TM Program for
    Certification Authority
  • minimum CA requirements of APGrid PMA and EUGrid
    PMA
  • Web Trust
  • WebTrust is a seal awarded to web sites that
    consistently adhere to certain business standards
    established by the Canadian Institute of
    Chartered Accountants (CICA.ca) and the American
    Institute of Certified Public Accountants
    (AICPA).
  • In the program, Web Trust Principles and
    Criteria for Certification Authorities lists
    criteria for CAs.
  • may too much for Grid CAs.

13
Audit checklist
  • Simply pickup items from WebTrustSM/TM criteria
    based on minimum CA requirements.
  • The number of criteria

WebTrustSM/TM Check List
Principle 1 45 13
Principle 2 188 14
Principle 3 165 7
Others 4
14
Rough procedures for auditing
  • Pre examination (few days)
  • Review all available documents
  • CP/CPS, Users manual, Operational manual, CRL,
    CA Certificate, etc.
  • Prepare score sheet
  • Main examination (half day)
  • Interview to CA staffs
  • Detailed flow of identifying end entities and
    issuing certificates
  • How accesses to the CA private key is controlled
  • Inspection of equipments
  • CA server, CA room, backup media, archived logs,
    a safe box, etc.
  • Post examination (half day)
  • Draft and send an audit report
  • The audited CA is requested to send a report on
    plans for the improvements in 1 week
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Updates of the APGrid PMA" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!