Global e-security www.baltimoreinc.com 1 GATEKEEPER CACR Connecticut 09 November 1999.

Slides:

Advertisements

Similar presentations

The Implementation Structure DG AGRI, October 2005

Advertisements

AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.

Presenters: Promoting Regulatory Excellence Linda Waters, Prometric and Sandra Greenberg, Professional Examination Service Evaluating the Performance of.

‘SEATS Research Resource’ An application for funding under Regional Partnerships February 2004.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.

Training Institute of Public Administration Tirana, ALBANIA

Professor Ian Anderson & Ms Debra Knoche Centre for Health & Society – Onemda VicHealth Koori Health Unit University of Melbourne National Workforce Strategy.

1 Compliance Requirements November 27, Client registration & KRA requirements Formalities rationalized (agreements, signatures, documents) Availability.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Connecting People With Information DoD Net-Centric Services Strategy Frank Petroski October 31, 2006.

Spring Conference of the European Privacy Commissioners 2002 in Bonn 1 Privacy Protection Audit/Seal of Quality - Practical Experience Dr. Helmut Bäumler.

Biometrics in New Zealand Passport issuing Border crossing System and information access Building access.

COEN 351: E-Commerce Security Public Key Infrastructure Assessment and Accreditation.

Session 3 - Plenary on implementing Principle 1 on an Explicit Policy on Regulatory Quality, Principle 3 on Regulatory Oversight, and Principle 6 on Reviewing.

Second European Paper Recycling Award The European Recovered Paper Council (ERPC) was set up after the successful launch of the first ‘European Declaration.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

Alec Hay Pr Eng C Eng Chair EMF. Washington, Sydney & Dublin Accords, EMF, ETMF, APEC, FEANI EDUCATION FORUM MOBILITY FORUM.

Accreditation and Proficiency Testing. APT Subcommittee MembershipMeeting Activities 21 members, 15 non- Commissioners Representation: Accreditation bodies.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

2 Overview With active participation from individuals and chapters all over the world, the Information Systems Security Association (ISSA)

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

1 Status Report: Task Force on FAMU Finance and Operational Control Issues Derry Harper, Inspector General & Director of Compliance December 6, 2007.

PKI Forum Sydney 2000 Members Meeting Stephen Wilson Chair -- Certification Forum of Australia Director -- PricewaterhouseCoopers beTRUSTed PKI in Australia.

Trends in Corporate Governance Dr. Sandra B. Richtermeyer, CMA, CPA President, Institute of Management Accountants (IMA) June 21, 2011.

Adult Training in Romania by Felicia Zarojanu – National Adult Training Board.

Elements of Trust Framework for Cyber Identity & Access Services CYBER TRUST FRAMEWORK Service Agreement Trust Framework Provider Identity Providers Credential.

GhNIC.gh ccTLD organization by Eric Akumiah

Draft – discussion only Content Standards WG (Documents and Data) Proposed HITSC Workgroup Evolution 1 Architecture, Services & APIs WG Transport and Security.

Quality Assurance of Malaysian Higher Education COPIA – Code of Practice for Institutional Audit COPPA – Code of Practice for Programme Accreditation.

Identity Ecosystem Framework and Charter Gap Analysis.

Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.

PKI Forum Mission “The PKI Forum is an international, not-for-profit, multi- vendor and end-user alliance whose purpose is to accelerate the adoption and.

E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative.

E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.

ITS Contract An Overview of the Instructional Telecommunications Services Contract.

Name Position Organisation Date. What is data integration? Dataset A Dataset B Integrated dataset Education data + EMPLOYMENT data = understanding education.

United States Department of Justice Global Security Working Group Update Global Advisory Committee November 2, 2006 Washington, D.C.

Result Orientation in Interreg CENTRAL EUROPE Annual Meeting, Luxemburg, 15 September 2015 Monika Schönerklee-Grasser, Joint Secretariat.

1 Standard Setting for Nonpublic Entities Activities of the FAF/FASB  2006-FASB created Private Company Financial Reporting Committee (PCFRC)  2008-FAF.

State of e-Authentication in Higher Education August 20, 2004.

New Hanover Health Network Wilmington, North Carolina An Innovative Approach to Establishing Shared Governance Gabriele Pike, RN New Hanover Health Network.

The European Network for Quality Assurance in VET Giorgio Allulli Vicechairperson of ENQAVET Board MEDA-ETE Annual Forum2008.

KEYSTONE EUROPEAN CROSS DOMAIN PKI ARCHITECTURE Sokratis K. Katsikas Professor & Head Dept. of Information & Communication Systems University of the Aegean.

4th Conference on Information Society Infobalt, Vilnius 1 Privacy Protection Audit and IT Security Problems in Germany Dr. Thilo Weichert Independent Centre.

SACS-CASI Accreditation and the Library Media Program in Public Schools Laura B. Page.

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

Sustainable Forest Management Certification - Case Study and Future Initatives Calton Frame Resource Manager.

1 May 30, 2007 U.S. – China Symposium on Active Industry Participation in Standardization Overview of U.S. Participation in ISO and IEC.

Loudon County Schools External Review Exit Report February 19-21, 2013.

The Decision to Buy vs. Build Nicholas Davis (UW-Madison) Tom McDonnell (Geotrust)

Possibilities for joint procurement of commercial cloud services for WLCG WLCG Overview Board Bob Jones (CERN) 28 November 2014.

NATIONAL SOCIETY DEVELOPMENT

The Policy Side of Federations Kenneth J. Klingenstein and David L. Wasley Tuesday, June 29, CAMP Shibboleth Implementation Workshop.

Accountability & Program Assessment Governing Board Online Training Module.

GTE ppt 1 Brussels, Henri Cattoor, Edigas Chairman GTE Interoperability, EASEE-gas and LNG.

MULTI-LEVEL GOVERNANCE FOR THE ACHIEVEMENT OF EQUALITY AND NON-DISCRIMINATION How to ensure thatdifferent governance levels combine to achieve goals of.

Strengthening of Internationalisation in B&H Higher Education Analysis of current state in internationalization from the accreditation aspect of HEIs Maja.

The Lead Agency Council Sports Trust (Sport Otago) Cluster of clubs Interested parties / other.

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

Gerald Farthing PhD Chair, United Nations Economic Commission for Europe Steering Committee on Education for Sustainable Development.

Electronic Government and IT Policy Unit

Overview of U.S. Participation in ISO and IEC

SWIM Common PKI and policies & procedures for establishing a Trust Framework Kick-off meeting Patrick MANA Project lead 29 November.

OECD Chief Statistician and Director, Statistics Directorate

Health IT Policy Committee Workgroup Evolution

HIMSS National Conference New Orleans Convention Center

Session 1.6a: PRESENTATION

The e-government Conference main issues

Request for Extension of the Implementing Agreement for …… (xxx IA)

Request for Extension of the Implementing Agreement for …… (xxx IA)

Presentation transcript:

global e-security 1 GATEKEEPER CACR Connecticut 09 November 1999

global e-security 2 Overview Origins GPKA Evaluation - process Accreditation - an evolution Critique Look to the future Conclusion and Summary

global e-security 3 Origins Commenced in 1997 Three core initiatives  AGEGECThe Law  NOIEA National approach  OGITCommonwealth Government  Target May 1998 Gatekeeper launched May 07, 1998  Minister for Finance & Administration  GPKA Established  Secretariat Established Policy to process

global e-security 4 GPKA Government Public Key Authority Established May 1998 Core responsibilities  Manage the GPKI  Promote take - up within the Commonwealth  Recommend accreditation of TTPs  Establish and manage the accreditation process  Set standards for government operation  accredit Identity standards and processes

global e-security 5 GPKA - Within a PKAF PARRA International RCA Multi-national RCA Government Run ICA Government Run OCA’s Government Run ORA’s Government Accredited Commercial ICA Government Accredited Commercial OCA Government Run OCA Government Accredited Commercial ORAs Government Run ORA Non Government Run OCA Non Government Run ORA Non Government Accredited ICA Non Government Accredited OCA’s Non Government Accredited ORA’s GPKA Users

global e-security 6 GPKA - Membership OGO (Chair) H.I.C. ATO Core (Voting) Members DSD NOIE ? ? AIIA AEEMA PRIVACY Special interest groups Advisory (non voting) members Industry + Government

global e-security 7 Evaluation - process Submit Security Policy & Practice Statements For evaluation 1 Submit Procedures For Evaluation 2 Receive Certificate of Evaluation 3 Sign Head Agreement with OGO 4 Submit Agreements & Certificates to GPKA 5 Receive Entry Level GPKI Accreditation 6 Submit Technical Elements to AISEP for Evaluation A Receive DSD Certificate of Accreditation B Submit Procedures For Evaluation C Submit Procedures For Evaluation D

global e-security 8 Identity certificates Based on two criteria  Proof Of Identity  Value proposition Proof Of Identity (POI)  Points based  Derived from tax and social security fraud experience Value Proposition  Primary basis is financial commitment  No financial value  $10,000 aggregating to $100,000  $100,000 aggregating to 1,000,000

global e-security 9 Accreditation - an evolution GPKA - Government  State  Territory NEAC - National  Advisory board  All authentication JAZANZ - Commercial  PKI only  Standards based NEAC (PARRA) GPKA RCA ICA ORA OCA PAA PCA EE JAZANZ/CFA

global e-security 10 GPKA - Process GPKA OGO Secretariat Evaluators CASP

global e-security 11 Issues Identity certificates accredited to date Awaiting outcome of Primary attribute Identity certificates SSL certificates not supported (but used) Working groups have been established Outstanding issues  Attribute certificates  Functional certificates  Financial certificates  Registration Authority accreditation  + others

global e-security 12 Look to the future Widespread future use across government 3 Million certificates in operation probable by end 2000 Movement to mission critical status Drive towards independent trust proofs The road to recognition  Technical interoperability  Mutual recognition  Cross Certification

global e-security 13 Conclusion and summary Australia is at the forefront of PKI technology implementation Many issues as yet unresolved First accreditation achieved in 1999 (Baltimore) First such process at a national level State governments and New Zealand moving to adopt as standard approach More expert resources required at the GPKA Significantly influenced by industry and special interest groups

global e-security 14 A word to the wise Never, ever, get yourself into a situation where you go from policy writing to policy implementation