E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean


Review
- Do we really need security in the networks of the Public Sector?
- What security requirements do we have?
- What solutions may we propose to cover the requirements?

The traditional way of communication

The modern way of communication within the public sector

Possible problems (1): Confidentiality

Possible problems (2): Integrity

Possible problems (3): Availability

Possible problems (4): Non-repudiation
- "I did not send it!"
- "I have never received it!"

Possible problems (5): Secure Timestamping

Possible problems (6): Authenticity

We identified the following security requirements:
- Confidentiality of the exchanged information
- Integrity of the exchanged information
- Availability of information and communication
- Non-repudiation of (a) origin and (b) receipt
- Timestamping of electronic documents
- Authenticity of transacting parties

Satisfy the requirements
- Confidentiality: Public key cryptography
- Integrity: Digital signatures
- Authenticity: Digital certificates and signatures
- Availability: Lower level protocols, such as IPsec
- Value-added services: Time-stamping, non-repudiation of origin and receipt, notary, privilege management

Solutions?
- Asymmetric and Symmetric cryptography
- Public Key Infrastructure
- Smart cards
- Relevant Legal framework

Cryptography
- Symmetric (Traditional) cryptography
  - Same key for data encryption/decryption
  - Prior key agreement between the transacting parties
  - Problems: protection of key distribution
- Asymmetric (Public Key) cryptography
  - Key pair: one private and one public
  - Data encrypted with one key can only be decrypted with the other
  - A private key is the property of only one physical entity
  - A public key is freely distributed

Items of PKI

Certification Services Provision
- Basic services
  - Registration
  - Certificate management
  - Cryptographic functions
  - Directory Services
  - Data repository
- Support
  - Administration
  - Audit and Control
  - Logging
  - User support

Value-added Services
- A CSP as Time-Stamping Authority
- A CSP as Key Distribution Center
- A CSP as Privilege Management Authority
- A CSP as Notary
- A CSP as Evidence Provider

CSP Requirements in e-gov
- Reliability demonstration
- Physical security
- Publishing of certification policies and practices
- Risk analysis
- Protection of Personal Data
- Long-term repositories of signature verification data
- Insurance?
- ISO 9000 certification?

Digital Signature
- Definition
  - A Digital Signature is data attached or co-related to an electronic document, which is used to verify the document's authenticity.
- Characteristics
  - It is uniquely related to the signer
  - It provides a means to identify the signer
  - It is created by means under the absolute control of the signer
  - It is uniquely related to the document
  - It assures the integrity of the document

Digital Certificate
- A Digital Certificate is a Signed Data Structure that binds a physical entity to a public key that it possesses.
- The certificate is digitally signed by an Authority (Trusted Third Party) that is Trusted and Qualified to act as a Certification Services Provider (CSP).
- It assures by Technical and Legal means that a public key belongs to a specific entity and consequently that this entity legally possesses the relevant private key.
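The Digital Signature and Digital Certificate slides, worked through as an added example that is not part of the original presentation: a CSP signs the binding between an entity and its public key, and a verifier checks that binding before checking the document signature. It assumes textbook RSA with small fixed primes and no padding, chosen only so the arithmetic runs with the standard library; the names, keys and document are constructed.

```python
# Added illustration: textbook RSA with tiny fixed primes and no padding.
# Insecure by design; real deployments use a vetted library and key sizes.
import hashlib

E = 65537  # public exponent

def make_keypair(p, q):
    """Return (public, private) from two primes; private stays with its owner."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), (n, d)

def digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, private) -> int:
    n, d = private
    return pow(digest(data, n), d, n)

def verify(data: bytes, signature: int, public) -> bool:
    n, e = public
    return pow(signature, e, n) == digest(data, n)

def issue_certificate(subject: str, subject_public, csp_private) -> dict:
    """CSP signs the binding between an entity name and its public key."""
    body = f"{subject}|{subject_public[0]}|{subject_public[1]}".encode()
    return {"subject": subject, "public": subject_public,
            "csp_signature": sign(body, csp_private)}

def verify_signed_document(doc: bytes, sig: int, cert: dict, csp_public) -> bool:
    """Check the CSP's signature on the certificate, then the signer's on the doc."""
    n, e = cert["public"]
    body = f"{cert['subject']}|{n}|{e}".encode()
    if not verify(body, cert["csp_signature"], csp_public):
        return False  # binding not vouched for by the trusted CSP
    return verify(doc, sig, cert["public"])

# Constructed sample keys (Mersenne primes) and document.
CSP_PUB, CSP_PRIV = make_keypair(2**127 - 1, 2**89 - 1)
ALICE_PUB, ALICE_PRIV = make_keypair(2**107 - 1, 2**61 - 1)
CERT = issue_certificate("Alice (constructed name)", ALICE_PUB, CSP_PRIV)
DOC = b"Application no. 1 (constructed sample document)"
SIG = sign(DOC, ALICE_PRIV)

if __name__ == "__main__":
    print(verify_signed_document(DOC, SIG, CERT, CSP_PUB))         # genuine
    print(verify_signed_document(DOC + b"!", SIG, CERT, CSP_PUB))  # altered
```

The verifier needs only the CSP's public key in advance; the signer's public key arrives inside the certificate and is trusted only because the CSP signed it.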

Smart Cards
- Special Smart Cards with crypto-processor are used in PKI
- Ideal solution for private key storage:
  - Key pairs produced within the card
  - Digital signature creation is performed within the card
  - Private key is never exported from the smart card
  - Mobile
  - PIN protected
  - Reliability and Physical durability

Legal framework
- Digital signatures are internationally recognised as equivalent to handwritten signatures and in some cases as stronger
- The European Directive EC/93/99 on Digital Signatures is already adopted by the 15 member states
- The Directive is adopted in Greece by the Presidential Decree 150/2001
- National Telecommunication Authorities (e.g. EETT) publish regulations for the provision of Qualified Certification Services.

Do we need something else?
- Information Systems Security is not achieved simply by raising physical or electronic barriers.
- An integrated Security Policy is needed, which will be the basis for the construction of security procedures.

Summary
- Electronic Government is close.
- Secure e-Government is still at a distance.
- … but it must (and it can) come closer!
- The Public Sector must treat ICT Security as a fundamental issue.