Monthly Archives: July 2008

R4: Checking OpenPGP and CA

[Work done from 7th July to 20th July 2008]

During this fortnight week we had a meeting with our project supervisor Dr.Chandana Gamage. We discussed about the using USB smart sticks  or normal USB memory sticks for the eID project. (USB smart sticks had internal processor but it is a commercial product).

And also we discussed about the OpenPGP and CA, which is an open source Public Key Server. So we have to decide the this technologies depend on system requirements.

Also we discussed about Kerberos Architecture and WSO2 Identity Solution.  Also Dr.Chandana Gamage gave important ideas for the first formal presentation too.

Filed under Reports

R4: Preparing for Presentation

[Work done from 7th July to 20th July 2008]

We had a weekly discussion with our project supervisor during this period and we mainly discussed about the backed systems that we could use with our project. We learnt about the Kerberos architecture and the related Kerberos protocol that is useful in any authntication based systems.

We have devided our things to look into as the following

  • Hardware – USB Smart card or USB memory stick
  • PGP / CA
  • WS-Identity – what we can get from this

We also got prepared for the first formal presentation during this period. We created a presentation slides for this purpose.

We will also be meeting with a person at WSO2 during next week to discuss about WS-Identity.

Filed under Reports

R4: Some or more, a lot more

[Work done from 7th July to 20th July 2008]

During this two week we mainly forcus about the backed technologies in our project. We also discussed with our supervisor Dr.Chandana Gamage regarding the project. And further discussions with our project supervisor Dr.Chandana Gamage we got some valuable points.

Following thinks that we discussed with our supervisor:

  • Developments so far
  • Smart card
  • PGP vs CA
  • Kerberos Architecture
  • Contact for WS-Identity
  • Ideas for first formal presentation

Regards,
Shayanthan

Filed under Reports

R4: PGP, PKI, WS and more…

[Work done from 7th July to 20th July 2008]

During this two week period we had a meeting with our project supervisor Dr.Chandana Gamage.
During that meeting we discussed the following;

1.
Developments so far
We discussed about the current status of the project and described our progress in terms of knowledge gained and possible solutions gathered.

2. Smart card
We discussed about the possibilities of using USB smart sticks instead of normal USB memory sticks. It is a good option considering the internal processor contained in it. But as it is being a commercial product (eg: iKey 2032) and expensive we are adviced to research about the feasibilities of using such an interface.

3. PGP vs CA
OpenPGP is an open source Public Key Server, can be used to issue the keys. But in PGP the problem is trust is with the user not the server. Only the user decides the trust level for each of the keys he/she would encounter. On the other hand using a Certificate Authority (CA) model would add trust to system itself. So we have to decide on what is best suited for us and what more we have to add to these in our need.

References:
http://pks.sourceforge.net/
http://www.pgpi.org/doc/pgpintro/

4. Kerberos Architecture
Dr.Chandana Gamage also explained about the Kerberous architecture with some practical examples and adviced on how that could be included in our system design

5. Contact for WS-Identity
We found an existing WSO2 project named Identity Server, which can be used as a project component. Our superviser Dr.Chandana Gamage gave us the contact details of the author of that program. We are adviced to discuss with the author named Charith and get some useful ideas.

6. Ideas for first formal presentation
We were given ideas for the first formal presentation, about how to do an efficient presentation with fewer number of slides for this purpose, what important points to be noted and so on..

We also decided to meet with our supervisor regularly to discuss the project progress.

Filed under Reports

R3: Problems with PKI

[Work done from 23rd June to 6th July 2008]

We had formal discussion with the team members to discuss what we have to do and what each person should take responsibility of. Me and Ramanan looked into using PKI in our system. We looked into systems like GnuPG, OpenPGP and we studied with the internet resources to understand who PKI authentication works.

We were unable to install and test with a PKI system as we didn’t have much knowledge on how that works. Also through web resources we were able to get only a limited amount of knowledge which gave us the basic idea about PKI system but not full implementation details.

We also had a weekly meeting with our project supervisor Dr. Chandana Gamage and this provided us the opportunity to discuss about our progress and problems in the project.

Filed under Reports

R3: Learning Kerberos

[Work done from 23rd June to 6th July 2008]

During this fortnight week we had a group meeting and we plane to do some work. And also I studied about the Kerberos Architecture and got to know about that feasibility in our project. Kerberos is good Network Authentication protocol which can be helpful for your project. And that protocol and it has a own Architecture. And it is mainly designed to provide strong authentication for client/server applications by using secret-key cryptography.

Problems Encountered:
Main problem that I had was, hard to understand about the Kerbros Architecture. Because all the terms and technologies that used there were very new for me. It was hard to gather various information from that technique. All of the  existing topics were really new for me. And It was very hard to manage the time with other academic stuff.

Overcome the Problems:
After we talked with our Supervisor Dr. Chandana Gamage, we understood some underneath structure and how its work. Then I could got some more about that Architecture. And also I read more about Kerbros Architecture.

Even though it is usual that the academic stuff is high we have to manage it anyhow.

Kanaganayagham Shayanthan – alias Shayanth

Filed under Reports

R3: Offline or Online

[Work done from 23rd June to 6th July 2008]

We had a group meeting within this period and we made some decisions regarding our project problem domain. Our discussion was based on the following details.The details and the solutions of the problems addressed as follows.

For off-line authentication

  1. Can carry a digital identity card
  2. Or a USB token
  3. Or a mobile phone, applet
  4. Or any other portable appropriate medium
  5. If needed this offline identity should be able to be verified online.

Then we also decided about our project front-end and back-end infrastructures, then were doing researches on those areas.

We were concentrating on Public Key Infrastructure, USB Smart cards and USB memory sticks.

Filed under Reports

R3: CardSpace and Kerberos

[Work done from 23rd June to 6th July 2008]

During this fortnight week we had a group meeting and we plane to do some work. In this week I did found some existing project similar to our eID project. Microsoft windows “CardSpace “has some similar functionality to our eID system. Also I studied about the Kerberos Architecture and got to know about that feasibility in our project. There are some other products I have to study more.

After we had a meeting with our Supervisor Dr. Chandana Gamage and he explain lots of things regarding the eID project and related technologies like “Kerbros Architecture”, PGP and Smart card.

And also Dr. Chandana Gamage advice us to keep contact with Mr. Ruchith Fernando, who is project manager of the WSO2 “Identity Solution”

Filed under Reports

Project Website Launched

Project eID Web site

Project eID Web site

We have launched our project web site at our own domain www.project-eid.org. We will be posing our project updates, documentation and other project related information at this website in future. We will also migrate all our past documents to this site. You can also find the details about the researches we are doing and related papers (draft and final) at this site.

This site will also host the code repository of our project for public access. We will make available the code to public in near future.

So just keep an eye on this place for more details on Project eID.

(Thanks to [email protected] for helping me in setting up this domain and site within hours).

Filed under News

Kerberos Architecture

Friends,

I found a good Network authentication protocol which can be helpful for our project. Kerberos is a protocol and it has it’s own Architecture. And it is mainly designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

You may refer to the following site for more information – http://web.mit.edu/Kerberos/#what_is

And heres some papers about Kerberos – http://web.mit.edu/Kerberos/papers.html

With smile,
Shayanth

Filed under Articles