PKI -An Industry Perspective Lisa Pretty Executive Director.

Slides:

Advertisements

Similar presentations

Use of Public-Key Infrastructure (PKI) Erik Andersen Association for the Directory Information and Related Search Industry (EIDQ -

Advertisements

Launching Egyptian Root CA and Inaugurating E-Signature Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

PKI services in the Public Sector of the EU Member States Objectives and Methodology of the survey Prof. Sokratis K. Katsikas University of the Aegean,

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

OpenStand and IEEE 802 Konstantinos Karachalios Managing Director, IEEE-SA 17 November 2012.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

WISeWorld2000 WISeKey By Malcolm Hutchinson CEO & Cofounder WISekey.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Public Key Infrastructure Ben Sangster February 23, 2006.

DESIGNING A PUBLIC KEY INFRASTRUCTURE

SMUCSE 5349/7349 Public-Key Infrastructure (PKI).

PKI Technology & Interoperability Lisa Pretty Executive Director.

Understanding Active Directory

PKI 2: Protezione del traffico Web tramite SSL Fabrizio Grossi.

CS526 – Advanced Internet And Web Systems Semester Project Public Key Infrastructure (PKI) By Samatha Sudarshanam.

Controller of Certifying Authorities Public Key Infrastructure for Digital Signatures under the IT Act, 2000 : Framework & status Mrs Debjani Nag Deputy.

Public Key Infrastructure from the Most Trusted Name in e-Security.

The 4BF The Four Bridges Forum The SAFE-BioPharma Digital Identity and Signature Standard.

IDA Security Experts Workshop Olivier LIBON Vice President – GlobalSign November 2000.

Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

Technical Working Group June 2001 Andrew Nash Steve Lloyd.

IMPLEMENTING THE WSIS ACTION PLAN NAIROBI, March 2004 Jose Toscano Director, External Affairs International Telecommunications Satellite Organization.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

Nationwide Health Information Network: Conditions for Trusted Exchange Request For Information (RFI) Steven Posnack, MHS, MS, CISSP Director, Federal Policy.

Module 9: Configuring IPsec. Module Overview Overview of IPsec Configuring Connection Security Rules Configuring IPsec NAP Enforcement.

June 28, 2000 Business Working Group Introduction Session.

Technical Working Group December 2000 Mark Davis Andrew Nash.

Building Intelligence Tour Jan. 25, 2006 Chicago, IL.

National Institute of Advanced Industrial Science and Technology Brief status report of AIST GRID CA APGridPMA Singapore September 16 Yoshio.

HEPKI-PAG Policy Activities Group David L. Wasley University of California.

Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.

United States Department of Justice Implementing Privacy Policy in Justice Information Sharing: A Technical Framework John Ruegg,

PKI Forum Mission “The PKI Forum is an international, not-for-profit, multi- vendor and end-user alliance whose purpose is to accelerate the adoption and.

E-Authentication: Enabling E-Government Presented to PESC May 2, 2005 The E  Authentication Initiative.

Module 9: Designing Public Key Infrastructure in Windows Server 2008.

Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®

By Umair Ali. Dec 2004Version 1 -PKI - a security architecture – over the internet. -Provides an increased level of confidence for exchanging information.

Who’s watching your network The Certificate Authority In a Public Key Infrastructure, the CA component is responsible for issuing certificates. A certificate.

Mobile Security. Security is Hard Just this year: Denial of service Credit card compromise I Love you Cost to manage security quickly becomes prohibitive.

Washington System Center © 2005 IBM Corporation August 25, 2005 RDS Training Secure Socket Layer (SSL) Overview z/Series Security (Mary Sweat, Greg Boyd)

TeleTrusT PKI WG Information and Activities PKI-Forum, 19-Jun-2001 Fritz Bauspiess Secorvo Security Consulting GmbH Albert-Nestler-Straße.

David A. Olive General Manager, Fujitsu Limited WITSA Public Policy Chairman WITSA Public Policy Meeting Athens, Greece May 15, 2005 Global Public Policy.

Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

Robert Mahowald August 26, 2015 VP, Cloud Software, IDC

4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

Jim Bland Executive Director, CRIX International

TeleTrusT Initiatives for PKI Solutions

Unique Identification Number Project

Module 8: Securing Network Traffic by Using IPSec and Certificates

THE STEPS TO MANAGE THE GRID

SWIM Common PKI and policies & procedures for establishing a Trust Framework Kick-off meeting Patrick MANA Project lead 29 November.

Public Key Infrastructure (PKI)

Digital Disruption An ISP take on trends and possibilities

HOSTED BY IN PARTNERSHIP WITH SUPPORTED BY Barcelona iCapital 2015.

جايگاه گواهی ديجيتالی در ايران

Public Key Infrastructure from the Most Trusted Name in e-Security

Module 8: Securing Network Traffic by Using IPSec and Certificates

Install AD Certificate Services

Prof. Sokratis K. Katsikas University of the Aegean, Greece

OUT OF BAND AUTHENTICATION

Tim Polk, NIST PKI Program Manager March 2000

eHealth/mHealth Gisele Roesems

Presentation transcript:

PKI -An Industry Perspective Lisa Pretty Executive Director

PKI Forum “ The PKI Forum is an international, not-for- profit, multi-vendor and end-user alliance whose purpose is to accelerate the adoption and use of Public-Key Infrastructure (PKI). The PKI Forum advocates industry cooperation and market awareness to enable organizations to understand and exploit the value of PKI in their e-business applications.”

PKI is the Future! u Predictions for the overall market are huge. –Both IDC and Frost & Sullivan put PKI as one of the fastest growing markets in the Internet security space in coming years. –According to Aberdeen Group, 98% of the Global 2000 enterprises will be using PKI before 2003.

Source: Datamonitor, “Public-Key Infrastructure ”, December 1999 PKI Market Forecast, by Revenue Category

What will it take? u Top Inhibitors of PKI deployment –Lack of Multi-vendor Interoperability –Minimal understanding of PKI –Complexity of Installation & Deployment

PKI Interoperability u Three different aspects to PKI interoperability –Component interoperability –Enterprise interoperability –Application interoperability

PKI Component Interoperability u Ability to mix and match COTS PKI products u Depends upon specification-based messages exchanged between components to support: –Certificate requests –Certificate renewal –Certificate revocation CA RA Client Repository

Enterprise Interoperability u The ability to connect two enterprise PKIs into a larger functional PKI –More than just cross- certification –Clients must be able to find and validate meaningful certification paths Enterprise A PKI CARA Client Repository A Enterprise B PKI CARA Client Repository B

Application Interoperability u The ability of PKI-aware applications to: –Share PKI certificates, key-pairs, and processing modules –Rely on different PKI environments to implement security services Enterprise A PKI CARA Client Repository A Enterprise B PKI CARA Client Repository B

Projects Underway u Technical Working Group –CA-CA Interoperability –Application Certificate Interoperability –CMP Interoperability –Token Portability & Interoperability –White Paper - Interoperability –White Paper - Critical Path Construction –White Paper - LDAP

Business Working Group u Education & Marketing u Applications u Best Practices u Policy & Privacy

Policy/Legislative Principles 1. Promote “product neutral” not “technology neutral” rules. 2. Discourage rules that implicate an inherent equivalency of signature technologies. 3. Advance validity and enforceability of PKI system rules, user agreements,certificates, and digital signatures. 4. Advance government recognition and use of private sector-based PKI guidelines and standards.

Principles (con’d) 5. Promote basic/minimum PKI "default rules“ 6. Advance both authentication and privacy benefits of PKI. 7. Eliminate restrictions on import/export of crypto. 8. Address and harmonize consumer use / rights / obligations.