Posted on 21-Jan-2016


Page 1: Client Registration Examples


Client Registration Examples

Update 5/16/2011

Denis Pochuev

Page 2: Client Registration Examples

Summary of updates since last presentation

• Summary of the proposal
• Introducing Pending Registration
• Examples of Entity Attributes based on Credential
• Changed Entity Identifier from an enumeration to a new attribute
• Clarified relationship between Owner and Object sharing
• Future work
  • Authentication header that can accommodate a 1-to-N mapping between Credential and Entities, and device authentication with a proxy

Page 3: Client Registration Examples

Summary of the proposal (what we’ve got so far)

• Entity and Credential Objects are used to reflect client identities and to authenticate clients to the server
• Registration (implicit or explicit) creates Entity and Credential Objects
• Clients can register themselves (self-registration) or other clients, using certificates or username/password
• The Authentication header includes a Credential Object to authenticate the client during a general request

Page 4: Client Registration Examples

Summary of the proposal (contd.)

Previously proposed registration types
• Implicit self-registration with cert
• Explicit self-registration with cert
• Explicit registration with cert
• Explicit registration with username/password

New: Pending registration
• Can be done with cert or username/password
• Can be self-registration or registration of another client
• Has to be explicit

Page 5: Client Registration Examples

Summary of the proposal (contd.)

Implicit self-registration with cert (+2 object creations)

KMIP Client -> KMIP Server: Auth Request + Create Entity + Create Object
KMIP Server -> KMIP Client: Entity UUID + Obj UUID
KMIP Client -> KMIP Server: Create Object (“Normal” Create operation)
KMIP Server -> KMIP Client: Obj UUID

Authentication header on the request:
  Credential
    Credential Type: Transport Certificate
    Credential Value: <empty>

Explicit self-registration with cert (+1 object creation)

KMIP Client -> KMIP Server: Auth Request + Create Entity (Register Entity)
KMIP Server -> KMIP Client: Entity UUID
KMIP Client -> KMIP Server: Create Object (“Normal” Create operation)
KMIP Server -> KMIP Client: Obj UUID

Authentication header on the request:
  Credential
    Credential Type: Transport Certificate
    Credential Value: <empty>

Register request:
  Object Type = Entity
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Transport Certificate
        Credential Value: <empty>

Page 6: Client Registration Examples

Summary of the proposal (contd.)

Explicit registration with cert (+1 object creation)

KMIP Client -> KMIP Server: Auth Request + Create Entity (Register Entity)
KMIP Server -> KMIP Client: Entity UUID
KMIP Client (second client lifeline on the slide) -> KMIP Server: Create Object
KMIP Server -> KMIP Client: Obj UUID

Authentication header on the request:
  Credential
    Credential Type: Transport Certificate
    Credential Value: <empty>

Register request:
  Object Type = Entity
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Transport Certificate
        Credential Value:
          Certificate
            Certificate Type: X.509
            Certificate Value: <cert>

Page 7: Client Registration Examples

Summary of the proposal (contd.)

Explicit registration with username/password (+1 object creation)

KMIP Client -> KMIP Server: Auth Request + Create Entity (Register Entity)
KMIP Server -> KMIP Client: Entity UUID
KMIP Client (second client lifeline on the slide) -> KMIP Server: Create Object
KMIP Server -> KMIP Client: Obj UUID

Authentication header on the request:
  Credential
    Credential Type: Username and Password
    Credential Value:
      Username: “user1”
      Password: “password”

Register request:
  Object Type = Entity
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Username and Password
        Credential Value:
          Username: “user1”
          Password: “password”

Page 8: Client Registration Examples

Pending Registration

KMIP Client -> KMIP Server: Register Entity
KMIP Server: Queue up the request
KMIP Server -> KMIP Client: Status = pending; ACV = 0353256
Server admin: Authorize requests
KMIP Client -> KMIP Server: Poll; ACV = 0353256
KMIP Server -> KMIP Client: Obj UUID

• Asynchronous registration, uses the existing asynchronous request mechanism
• Provides a way for the server admin to authorize requests off-line

Register request:
  Object Type = Entity
  Asynchronous Indicator = True
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Transport Certificate
        Credential Value: <empty>
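The pending-registration exchange above, modelled as a small server, is an added example and not code from the proposal or from any KMIP product; the request/response dictionaries, the ACV generation and the admin authorize/deny calls are assumptions.

```python
import secrets
import uuid
from dataclasses import dataclass, field


@dataclass
class PendingServer:
    """Toy server state for pending (asynchronous) Entity registration."""
    queue: dict = field(default_factory=dict)     # ACV -> queued Template-Attribute
    entities: dict = field(default_factory=dict)  # Entity UUID -> its attributes
    results: dict = field(default_factory=dict)   # ACV -> Entity UUID, None if denied

    def register(self, request: dict) -> dict:
        """Queue Register(Entity) only when it is explicit and asynchronous."""
        if request.get("Object Type") != "Entity":
            return {"Result Status": "Operation Failed", "Result Reason": "Invalid Object Type"}
        if not request.get("Asynchronous Indicator"):
            return {"Result Status": "Operation Failed", "Result Reason": "Permission Denied"}
        acv = secrets.token_hex(4)  # constructed ACV; the slide shows 0353256
        self.queue[acv] = request["Template-Attribute"]  # queue up the request
        return {"Result Status": "Operation Pending", "Asynchronous Correlation Value": acv}

    def authorize(self, acv: str) -> str:
        """Server admin approves the queued request off-line: the Entity is
        created now and its UUID is held for the client's next Poll."""
        entity_uuid = str(uuid.uuid4())
        self.entities[entity_uuid] = self.queue.pop(acv)
        self.results[acv] = entity_uuid
        return entity_uuid

    def deny(self, acv: str) -> None:
        """Server admin rejects the queued request."""
        self.queue.pop(acv)
        self.results[acv] = None

    def poll(self, acv: str) -> dict:
        """Poll with the ACV returned in the pending response."""
        if acv in self.queue:
            return {"Result Status": "Operation Pending", "Asynchronous Correlation Value": acv}
        if acv in self.results:
            entity_uuid = self.results.pop(acv)
            if entity_uuid is None:
                return {"Result Status": "Operation Failed", "Result Reason": "Permission Denied"}
            return {"Result Status": "Success", "Unique Identifier": entity_uuid}
        return {"Result Status": "Operation Failed", "Result Reason": "Item Not Found"}
```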

Page 9: Client Registration Examples

Entity Attributes based on Credentials

The result of a registration is an Entity; by default it contains the Credential attribute.

Register
  Object Type = Entity
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Transport Certificate
        Credential Value: <empty>

Entity
  UUID: ABCD-1234
  Attribute
    Attribute Name: “Credential”
    Attribute Value:

Page 10: Client Registration Examples

Entity Attributes based on Credentials

…it may have other attributes in addition to Credential

Register
  Object Type = Entity
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Transport Certificate
        Credential Value: <empty>

Entity
  UUID: ABCD-1234
  Attribute
    Attribute Name: “Credential”
    Attribute Value:
  Attribute
    Attribute Name: “Name”
    Attribute Value: user1

Page 11: Client Registration Examples

Entity Attributes based on Credentials (contd.)

Certificate
  Name: user1
  Key Size: 2048
  Start Date: Apr 20 18:30:41 2011 GMT
  Expiration: Apr 17 18:30:41 2021 GMT
  Issuer:
    C/ST/L: US/CA/RWC
    O: SafeNet-RWC
    OU: SafeNet
    CN: testCA
    emailAddress: [email protected]
  Subject:
    C/ST/L: US/CA/RWC
    O: SafeNet-RWC
    OU: SafeNet
    CN: user1
    emailAddress: [email protected]

Entity
  UUID: ABCD-1234
  Attribute
    Attribute Name: “Credential”
    Attribute Value:
  …
  Attribute
    Attribute Name: “Organization”
    Attribute Value: SafeNet-RWC
  Attribute
    Attribute Name: “Name”
    Attribute Value: user1

Entity registration may result in additional attributes being added to the Entity object.

The exact procedure for deriving the attributes from the Credential and/or certificate is at the server's discretion.
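An added example (not the proposal's or any server's code) of one possible derivation of Entity attributes from the Credential, covering slides 9 to 11: the Credential attribute is always kept, Name comes from the username or the certificate subject CN, and Organization from the subject O. The subject DN is assumed to be already extracted from the certificate as a "C=US, O=SafeNet-RWC, CN=user1" style string, and the dictionary shapes are assumptions.

```python
from typing import Dict, List, Optional


def parse_dn(dn: str) -> Dict[str, str]:
    """Parse a simple 'C=US, O=SafeNet-RWC, CN=user1' style subject string.
    Escaped commas inside values are not handled; the constructed inputs avoid them."""
    fields = {}
    for part in dn.split(","):
        key, _, value = part.strip().partition("=")
        if key:
            fields[key.strip().upper()] = value.strip()
    return fields


def derive_entity_attributes(credential: dict,
                             tls_peer_subject: Optional[str] = None) -> List[dict]:
    """Return the attribute list of the Entity produced by Register(Entity).
    The Credential attribute is always present (slide 9); Name and Organization
    are added when the credential lets the server derive them (slides 10-11)."""
    attrs = [{"Attribute Name": "Credential", "Attribute Value": credential}]
    ctype = credential["Credential Type"]
    value = credential["Credential Value"]
    subject = None
    if ctype == "Username and Password":
        # Name is the username. A real server would keep a password verifier in
        # the stored credential rather than the cleartext password.
        attrs.append({"Attribute Name": "Name", "Attribute Value": value["Username"]})
    elif ctype == "Transport Certificate":
        # <empty> value means "the certificate on this TLS connection"
        # (self-registration); otherwise the registering client supplied
        # another client's X.509 certificate, modelled here by its Subject (assumption).
        subject = tls_peer_subject if value is None else value["Subject"]
    if subject:
        dn = parse_dn(subject)
        if "CN" in dn:
            attrs.append({"Attribute Name": "Name", "Attribute Value": dn["CN"]})
        if "O" in dn:
            attrs.append({"Attribute Name": "Organization", "Attribute Value": dn["O"]})
    return attrs
```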

Page 12: Client Registration Examples

Entity Identifier

Before:
• Part of Locate
• Entity Identifier, see 9.1.3.2.31
• An enumeration object used by the client to locate Entities with special properties

  Locate
    Entity Identifier = Self

After:
• New attribute

  Locate
    Attribute
      Attribute Name = Entity Identifier
      Attribute Value = Self

Page 13: Client Registration Examples

Owner and Sharing

Owner is:
• An attribute that holds the Unique Identifier of the Entity object that owns the given object
• By default an Entity is allowed to operate only on the objects owned by it
• Can be overridden by server policy

Owner is not:
• At least in the current revision of the spec, a method to address object sharing

Page 14: Client Registration Examples

Optional Entity in Authentication Header

Current assumption: 1-to-1 mapping between Credential and Entity (only one Entity corresponds to a given Credential).

Adding attributes to Entity registration and sending the Entity UUID in the Authentication header addresses that issue.

KMIP Client -> KMIP Server: Auth Request + Create Entity (Register Entity)
KMIP Server -> KMIP Client: Entity UUID
KMIP Client (second client lifeline on the slide) -> KMIP Server: Create Object
KMIP Server -> KMIP Client: Obj UUID

Authentication header on the request:
  Credential
    Credential Type: Transport Certificate
    Credential Value: <empty>
  Entity UUID = 0x172b45a435890c9078243589de2309458

Register request:
  Object Type = Entity
  Template-Attribute
    Attribute
      Attribute Name: “Credential”
      Attribute Value:
        Credential Type: Transport Certificate
        Credential Value:
          Certificate
            Certificate Type: X.509
            Certificate Value: <cert>
    Attribute id = 0xb34a32b23a43093d
    Attribute ip-addr = 10.10.10.10
    Attribute mac-addr = 02:ba:d0:ca:fe:99
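An added example, not code from the proposal or any product, of the two server-side checks slides 13 and 14 imply: resolving the calling Entity from the Authentication header when one Credential maps to several Entities (the Entity UUID sent must be one registered for that Credential), then applying the default Owner rule with a server-policy override. The credential index, the certificate fingerprint field and the policy set are assumptions, and the Credential is assumed to have been verified before resolution.

```python
from typing import Dict, Optional, Set


class AuthError(Exception):
    """Raised when the Authentication header cannot be bound to exactly one Entity."""


def credential_key(cred: dict) -> tuple:
    """Lookup key for an already-verified Credential. For Transport Certificate the
    TLS layer is assumed to supply the peer certificate's fingerprint (assumption)."""
    ctype = cred["Credential Type"]
    if ctype == "Transport Certificate":
        return ("cert", cred["Credential Value"]["Fingerprint"])
    if ctype == "Username and Password":
        return ("user", cred["Credential Value"]["Username"])
    raise AuthError(f"unsupported Credential Type: {ctype}")


def resolve_entity(index: Dict[tuple, Set[str]], header: dict) -> str:
    """index maps a credential key to the Entity UUIDs registered with it;
    header is the Authentication header: Credential plus optional Entity UUID."""
    candidates = index.get(credential_key(header["Credential"]), set())
    requested = header.get("Entity UUID")
    if requested is not None:
        # The UUID in the header must be one this Credential was registered for;
        # otherwise a client could act as any Entity whose UUID it has seen.
        if requested not in candidates:
            raise AuthError("Entity UUID is not bound to the presented Credential")
        return requested
    if not candidates:
        raise AuthError("unknown Credential")
    if len(candidates) > 1:
        raise AuthError("Credential maps to several Entities; Entity UUID required")
    return next(iter(candidates))


def may_operate(owner_of: Dict[str, str], entity_uuid: str, object_uuid: str,
                policy_override: Optional[Set[str]] = None) -> bool:
    """Default rule from slide 13: an Entity operates only on objects whose Owner
    attribute names it, unless server policy (here a set of privileged Entity
    UUIDs, an assumption) overrides that."""
    if policy_override and entity_uuid in policy_override:
        return True
    return owner_of.get(object_uuid) == entity_uuid
```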