PKI services in the Public Sector of the EU Member States Objectives and Methodology of the survey Prof. Sokratis K. Katsikas University of the Aegean,

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Secure Communication Architectures.
Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure Ben Sangster February 23, 2006.
Page 1 Issues in and perspectives on electronic authentication of health professionals Pascal POITEVIN Marketing and Communication manager GIP-CPS e-Health.
1 ARPA A regional infrastructure for secure role-based access to RTRT services Ing. Laura Castellani Tuscany Region.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Intra-ASEAN Secure Transactions Framework Project Progress Report
PKI Services for the Public Sector of the EU Member States Dr. Dimitrios Lekkas Dept. of Products & Systems Design Engineering University of the Aegean.
Chapter 8 Web Security.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.
Public Key Infrastructure Ammar Hasayen ….
Republic of Sudan Ministry of Telecoms & Information Technology National Committee for Digital Certification ELECTRONIC ID IN ONLINE ADMISSION FOR UNIVERSITIES.
Digital Signature Technologies & Applications Ed Jensen Fall 2013.
National Smartcard Project Work Package 8 – Security Issues Report.
Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.
Key Elements for electronic Local Authorities’ Networks Cagliari, 27 th May 2002 Walter Wenzel CEO of KEeLAN project.
Functional Model Workstream 1: Functional Element Development.
Active Directory ® Certificate Services Infrastructure Planning and Design Published: June 2010 Updated: November 2011.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.
Logo Add Your Company Slogan China Financial Certification Authority Third-party certification authority Team 13 :吉露露、吴莹莹、潘韦韦 ( CFCA )
Configuring Directory Certificate Services Lesson 13.
Digital Signatures A Brief Overview by Tim Sigmon April, 2001.
Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.
PKI Forum Business Panel March 6, 2000 Dr. Ray Wagner Sr. Director, Technology Research.
Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian
Higher Education PKI Summit Meeting August 8, 2001 The ABA PAG Rodney J. Petersen, J.D. Director, Policy and Planning Office of Information Technology.
1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.
By Umair Ali. Dec 2004Version 1 -PKI - a security architecture – over the internet. -Provides an increased level of confidence for exchanging information.
DIGITAL SIGNATURE.
KEYSTONE EUROPEAN CROSS DOMAIN PKI ARCHITECTURE Sokratis K. Katsikas Professor & Head Dept. of Information & Communication Systems University of the Aegean.
Using Public Key Cryptography Key management and public key infrastructures.
1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.
Creating the environment for business Assessment of the Implementation by the Member States of the IPPC Directive Advisory Group Meeting Friday 13 th January.
A Study of Certification Authority Integration Model in a PKI Trust Federation on Distributed Infrastructures for Academic Research Eisaku SAKANE, Takeshi.
Component 9 – Networking and Health Information Exchange Unit 9-1 Privacy, Confidentiality, and Security Issues and Standards This material was developed.
CAISO Public Key Infrastructure: Supporting Secure ICCP Leslie DeAnda Senior Information Security Analyst, Information Security, CAISO EMS Users Group.
TAG Presentation 18th May 2004 Paul Butler
TeleTrusT Initiatives for PKI Solutions
TAG Presentation 18th May 2004 Paul Butler
SPOCS : Simple Procedures Online for Crossborder Services
Organized by governmental sector (National Institute of information )
Public Key Infrastructure (PKI)
Security in ebXML Messaging
Dan Tofan | Expert in NIS 21st Art. 13a WG| LISBON |
PKI Services for the Public Sector of the EU Member States
جايگاه گواهی ديجيتالی در ايران
Chapter 4 Cryptography / Encryption
Prof. Sokratis K. Katsikas University of the Aegean, Greece
PKI (Public Key Infrastructure)
National Trust Platform
Presentation transcript:

PKI services in the Public Sector of the EU Member States Objectives and Methodology of the survey Prof. Sokratis K. Katsikas University of the Aegean, Greece

Research team Scientific Director Asst. Prof. Stefanos Gritzalis Technical Director Prof. Sokratis Katsikas Quality Reviewer Asst. Prof. Dimitris Gritzalis Researchers Asst. Prof. Lilian Mitrou Asst. Prof. Yannis Stamatiou Dr Dimitris Lekkas

University of the Aegean, Greece Facts... Increasing use of technology and the Internet by huge numbers of people. Government organizations are in a transition state: from the “paper-based” to the “paper-less” office. …these led to the idea of making available online public services (i.e. G2G and G2C transactions). A considerable advantage: Transactions can take place with unprecedented ease at high speed, with no need for physical presence of either of the transacting parties at the transaction site. A considerable disadvantage: Security problems and privacy threats. Which leads us to …

University of the Aegean, Greece Basic security requirements Confidentiality Access to information to authorized entities only. Integrity Modification of information only by authorized entities. Availability Information available to authorized entities upon request within reasonable time. Non-repudiation Impossibility of later denial of a committed action

University of the Aegean, Greece Addressing security requirements Public Key Cryptography (PKC) is an effective technology to establish the baseline security requirements. To support PKC, it is necessary to establish an appropriate infrastructure, the Public Key Infrastructure (PKI). A series of technological and legal issues need to be addressed (and resolved) before establishing a PKI.

University of the Aegean, Greece The objectives of our survey To identify the extent of the use of electronic signatures towards the establishment of e- government services. To identify the technologies employed for the exploitation of e-signatures. To investigate the legal issues involved in the use of e-signatures. To identify ways of managing certificates in the public sector. To provide a set of good-practices regarding the above issues.

University of the Aegean, Greece Components of our methodology Review current status (identify the current status regarding the use of e-signatures in the EU) Investigate legal issues pertaining to e-signatures (review legal and regulatory issues regarding the use of signatures) Investigate already employed technical standards (review the e-signature standards in place) Review relevant case studies (where available) (information stemming from relevant surveys) Make use of questionnaires (conclusions drawn from responses to appropriate questions)

University of the Aegean, Greece Expected results Good practice for the Public Sector in EU Member States Reviews Questionnaires EU legal issues Case-studies Employed technical standards

University of the Aegean, Greece Questionnaire We have prepared, for distribution, a questionnaire comprising 27 questions, grouped in 5 categories, relating to: (a) existing e-services (b) legal status of certificates (c) use of certificates in the public sector (d) requirements from Certification Service Providers (e) use of certificates for G2G and G2C transactions

University of the Aegean, Greece Issues discussed in a good-practice proposal Architecture of and technologies needed for a PKI environment Interoperability Legal status of a Certification Authority (CA) Certification hierarchy levels and cross- certification Role and identity certificates Certificate revocation and expiration policy Registration Authorities (RA) …

University of the Aegean, Greece Summary Towards a good-practice guidance, for the exploitation of Public Key Infrastructure by the Public Sector