Thursday 4 June 2:30pm
Location: Old Union - Clubhouse
 |
|
 |
|
|
|
Location: Old Union - Clubhouse
Speakers: Jeffrey Altman, Asanka Herath, Daniel Kouřil
Title: An Introduction to Network Identity Manager version 2
Abstract:
Network Identity Manager version 1 is an end-user credential manager that automates the acquisition, renewal and management of Kerberos tickets, AFS tokens, KCA X.509 client certificates, X.509 Proxy certificates with the restriction that the initial authentication identity is a Kerberos v5 principal. Network Identity Manager has been adopted by many organizations as the principal user interface for end-user network credential manager on Microsoft Windows platforms.
This talk will unveil the upcoming Network Identity Manager version 2 release which not only improves upon its usability and visual appearance but also adds significant new functionality. Whereas version 1 was tied specifically to Kerberos v5 identities due to the restriction of a single identity provider, version 2 now supports the simultaneous use of multiple identity providers; including identity providers that manage identity providers.
During this talk we will demo:
Network Identity Manager version 2
A Keystore Identity Provider which permits a single local password authentication to unlock a database that contains configuration and credentials for other identities. Once unlocked the Keystore database is used to perform initial authentication for each of the included identities. For users that must obtain AFS tokens for multiple cells using different Kerberos v5 identities, this functionality is a winner.
A Proxy Certificates Identity Provider that manages proxy certificates based on long-term certificates stored in the MS CertStore, file or smart card.
A Short-lived X.509 Certificate Identity Provider that manages X.509 client certificates issued by on-line www Certificate Authorities.
Slides:
PowerPoint (Altman & Herath)
PDF (Altman & Herath)
PowerPoint (Kouril)