January, 2011

NIST just released 2 draft documents on Cloud Security

Guidelines on Security and Privacy in Public Cloud Computing: SP 800-144  (DRAFT)

http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf

NIST Definition of Cloud Computing: SP 800-145 (DRAFT)

http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf

This video demonstration shows how to use FIM 2010 Certificate Management to request and issue an SSL certificate. The solution shown in this demo is created to satisfy the following requirements:

• SSL certificates must be approved by RA Manager.
• Simplify the enrollment process and remove guessing from the subscriber.
• Certificate Subject name must be in Geopolitical format, such as: cn=hostname, ou=devices, o=adatum, c=us
• SubjectAltName extension must have actual name(s) for the URL the cert will be used for.
• SubjectAltName must also include subscriber e-mail address.

This demonstration is also published on the following site: http://CloudIdentityBlog.com

Please watch this video in Full screen and in HD for higher quality and better user experience. Let me know if you have any questions.

If you would like to know how to build solution shown in this demonstration then stay tuned, because I’m going to show you in step-step video demonstration how to do just that. 

Who said that implementing PKI is hard? The following one hour video demonstration shows how to implement the most common PKI solution – two tier PKI with Root CA and Subordinate Issuing CA. I’ll discuss the design and why it is done this way, discuss best settings for PKI implementation and show how to do it, step—by-step. After watching this video you will be able to do the same. This video is in High Definition, so you can through it on big screen if you like and watch in all glory details. You can forward and pause, rewind and watch it all over as long as you like.

You can also see this presentation on my blog at http://CloudIdentityBlog.com

Here is the basic flow of this video demonstration:

1. Discuss two-tier PKI design.
2. Show how to install Root CA.
3. Perform post installation configuration on the Root CA.
4. Perform pre installation tasks on the Issuing CA.
5. Show how to install Issuing CA.
6. Sign Issuing CA cert at the Root CA.
7. Perform post installation configuration on the Issuing CA.
8. Verify that our solution is healthy.
9. Issue Domain Controller Certificate via auto-enrollment.

Stay tuned for future video demonstrations, I’m putting together demonstration on how to implement FIM 2010 Certificate Management solution and use it to issue SSL certificates with management approval workflow.

This video demonstration is another installment in the “Implementing FIM 2010”. It shows how to configure a Management Agent (MA) for joining and then do some breadcrumb of the dirty data. You can watch all video demonstration in the “Implementing FIM 2010” by going to my “Implementing FIM 2010” video channel.

This video is also shared on my CloudIdentityBlog.com.

Please watch this video in Full screen and in HD for higher quality and better user experience. Let me know if you have any questions.

Hi folks,

My new site is now live and kicking, I’ll post the same information on that blog as I do here but it is easier to remember and will be easier to access. Also, the management of that site is a bit easier.

http://cloudidentityblog.com, check it out and let me know what you think.