Using a Global Validation Service to Unite Communities
Jon Shamah, EMEA Head of Sales, BBS eSecurity

Presentation transcript:


WELCOME TO A NEW LEADING NORDIC COMPANY

Many Communities Interacting Together

Humans are basically tribal
– brought together by common needs
– Individual members being trusted within their own communities

But cross tribal communications are essential to commerce

So how can contractual trust be established between communities?

Especially with multiple relationships?

US Federal Bridge c2006: Not Much Fun?

What Can Go Wrong? – Why Bother?
Legality, Liability, Conduct
Repudiation
– Company credentials
– Correspondent credentials
Dispute
– Document Content
– Chronology
Compliance
– Post transaction investigation
– Transparency

Business Challenges when Dealing with eIDs from Other Communities
Determining risk related to accepting an eID from another Community
– Quality
– Trustworthiness
– Liability
Establishing business processes for handling those eIDs
Predicting cost for authentication and validation with SLAs
Managing exceptions

The Role of a Global Validation Service
The primary role of a Global Validation Service is to provide a common trust (and hence liability) model enabling secure and trusted message flows between multiple communities using different identity providers without having to establish bilateral agreements between all possible combinations.
Effort = Cost = Risk

BBS Global Validation Service: History
2006: DNV initiates project to build an independent identity validation service based on proven risk-based methodologies and using Ascertia Technology.
2007: BBS chosen as delivery partner
2009: BBS incorporates Global Validation Service into its SaaS portfolio maintaining DNV for CA risk analysis and T3P integrity.
2009: BBS’s Global Validation Service chosen as Trust Anchor for Norwegian Govt’s eHandel e-Procurement Solution

Det Norske Veritas (DNV) was established in 1864 in Norway. The main scope of work was to identify, assess and manage risk for maritime insurance companies. Today it is globally recognised as a trusted independent party in many sectors.

Ascertia is an experienced global provider of electronic identity (eID) validation and advanced digital signature software solutions, focusing on enabling trust within e-commerce environments using digital certificate, signature, timestamp, archive and encryption technologies.

DNV Providing Risk Assessment - Example

Global Validation Service Function
A Global Validation Service should:
– manage signatures from many different communities within the digital process
– provide independent CA quality data for policy based processes
– work in a global environment – not just Europe
– provide guaranteed service levels for timely business decisions
– inform the Relying Party on the quality and trustworthiness of the signed documents received

Aiding inter-Community Relationships
Risk reduction
– The Global Validation Service takes on the risk management of the transaction
Trust
– A signature recipient can trust the Global Validation Service, as opposed to multiple Certificate Authorities, each having its own liability agreements under different national laws
Business processes
– There is one contract partner, one point of billing, one liable actor under contract law, no matter how many communities you interact with.
Compliance
– There is just one point of enforcement and historical record
Security
– Documents do not leave local domain.

BBS Global Validation Service Architecture
Sequence of Events
1. Sender uses certificate from their CA to sign document
2. Sender transmits signed documents
3. Receiver refers document to BBS via Gateway which ‘hashes’ document for security
4. GVS checks the signature against known Certificate Authorities for quality and applies Receiver’s own policies
5. GVS responds with assessment and ‘Fit for Purpose’ recommendation
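A small model of steps 3 to 5 above, added here as an illustration and not taken from the presentation or from BBS's service: the gateway hashes the document locally so only a digest leaves the receiver's domain, and the validation side applies the receiver's policy to CA quality, revocation status and CRL freshness. All names, the quality scale and the sample values are assumptions; cryptographic signature verification is assumed to have been done already and is represented by `signed_digest`.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample data: CA names and the quality scale are illustrative only.
CA_QUALITY = {"CA-1": 4, "CA-2": 2}   # assumed scale, higher = stronger assurance

@dataclass
class ValidationRequest:              # what the gateway sends: no document content
    doc_digest: str                   # SHA-256 of the document as received
    signed_digest: str                # digest the signature was verified over (assumed input)
    issuer: str                       # CA that issued the signer's certificate
    revoked: bool                     # status read from the CA's CRL
    crl_issued: datetime              # issue time of the CRL that was consulted

@dataclass
class ReceiverPolicy:                 # the receiver's own acceptance policy
    min_quality: int
    max_crl_age: timedelta

def gateway_request(document: bytes, signed_digest, issuer, revoked, crl_issued):
    """Step 3: hash locally so the document itself never leaves the local domain."""
    digest = hashlib.sha256(document).hexdigest()
    return ValidationRequest(digest, signed_digest, issuer, revoked, crl_issued)

def assess(req: ValidationRequest, policy: ReceiverPolicy, now: datetime) -> dict:
    """Steps 4-5: check against known CAs, apply receiver policy, return a verdict."""
    reasons = []
    quality = CA_QUALITY.get(req.issuer)
    if quality is None:
        reasons.append("unknown CA")
    elif quality < policy.min_quality:
        reasons.append("CA quality below policy")
    if req.doc_digest != req.signed_digest:
        reasons.append("document does not match signature")
    if req.revoked:
        reasons.append("certificate revoked")
    if now - req.crl_issued > policy.max_crl_age:
        reasons.append("CRL too old")   # stale revocation data fails closed
    return {"fit_for_purpose": not reasons, "quality": quality, "reasons": reasons}
```

Returning the reasons alongside the verdict gives the relying party a record it can keep for later dispute or compliance review.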

Connecting Communities
[Diagram labels: Certificate Authority 1 / Community 1; Certificate Authority 2 / Community 2; Certificate Authority 3 / Community 3; Global Validation Service; CA Quality Level; Sender; Recipient]

Technical Compliance
Uses advanced CRL freshness policies to ensure the most up-to-date answers
Supports OASIS, ETSI, IETF, W3C and other relevant industry standards
Support for PEPPOL and other EU initiatives
Complexity of multiple signature formats, and certificate validation processes managed by GVS:
– PDF, XML DSig, PKCS#7, CMS, S/MIME, XAdES, CAdES, PAdES

Summary
Inter Community transactions are complex if you wish to manage risk.
Digital signatures can solve many issues but...
– The variable quality, risk and liability associated with many different eIDs and eSignatures from different communities leads to complexity and cost
A Global Validation Service (GVS) can
– act as a single point for compliance and transparency
– reduce relying-party needs for many one-to-one contracts
– determine if communication is ‘Fit For Purpose’ for the relying party
– widen the market access for any community
Global Validation Services are provided from BBS

Jon Shamah
EMEA Head of Sales
Mob:
BBS, eSecurity
Haavard Martinsens vei 54, N-0045 OSLO