Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.


Agenda
- Components of a Public Key Infrastructure (PKI)
- Roles and Responsibilities
  - Certificate Authority
  - Registration Authority
  - Other
- Implementation
  - Technical Activities
  - Organizational Activities
  - Inter-Organizational Activities

Components of a PKI
- Encryption: keys, algorithms and hash functions
- Secure public key infrastructure (PKI), which supports key exchange
- Software which supports secure messaging functionality (e.g. e-mail clients or plug-ins)
- Policies, procedures and agreements to establish and maintain trust in the system
- Optional: special devices, e.g. a smart card and a smart card reader or a USB token

Components of a PKI
- Encryption
  - Symmetrical keys
  - Asymmetrical keys
  - Encryption algorithms
  - Digital Signatures
  - Hash functions
- Optional Devices
  - Smart Cards
  - Biometric Devices
  - And more…

Components of a PKI
- Certificates
- Certificate Policy
- Certification Practice Statement
- Relying Party Agreement

Components of a PKI
- Certificate Authority (CA)
- Registration Authority (RA) or Local Registration Authorities (LRA)
- Directory Service
- Time Stamping (as an additional service)

Certificate Authority Tasks
- A CA has to generate the certificate based on a public key.
- It links the certificate to a particular user.
- It manages published certificates.
- Lastly, a CA is part of cross certification with other CAs.

Registration Authority Tasks
An RA has two main functions:
- To verify the identity and the statements of the claimant
- To issue and handle the certificate for the claimant

Directory Services
The directory service has two main functions:
- To publish certificates
- To publish a Certificate Revocation List (CRL) or to make online certificate status available via the Online Certificate Status Protocol (OCSP)
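The CA tasks and the directory service's CRL function described above, as an added example in Ruby's standard openssl library (not part of the original slides): a CA binds a public key to a name, a CRL is published, and a relying party checks both signatures before trusting the revocation answer. The helper names `issue`, `publish_crl`, `status` and `demo`, and all names and serial numbers, are constructed for illustration.

```ruby
require "openssl"

# CA task: sign a certificate binding a fresh public key to cn (self-signed CA if no issuer).
def issue(cn, serial, issuer = nil, issuer_key = nil)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = serial
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ext = OpenSSL::X509::ExtensionFactory.new
  cert.add_extension(ext.create_extension("basicConstraints", issuer ? "CA:FALSE" : "CA:TRUE", true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# Directory-service task: publish a CA-signed list of revoked serial numbers.
def publish_crl(ca, ca_key, revoked_serials = [])
  crl = OpenSSL::X509::CRL.new
  crl.version = 1 # CRL v2
  crl.issuer = ca.subject
  crl.last_update = Time.now
  crl.next_update = Time.now + 3600
  revoked_serials.each do |serial|
    entry = OpenSSL::X509::Revoked.new
    entry.serial = serial
    entry.time = Time.now
    crl.add_revoked(entry)
  end
  crl.sign(ca_key, OpenSSL::Digest.new("SHA256"))
  crl
end

# Relying-party check: both signatures, then CRL membership (validity periods are not checked).
def status(cert, ca, crl)
  return "untrusted" unless cert.verify(ca.public_key) && crl.verify(ca.public_key)
  crl.revoked.any? { |r| r.serial == cert.serial } ? "revoked" : "good"
end

# Constructed scenario: an empty CRL, a CRL revoking the user, and a CRL signed by another CA.
def demo
  ca, ca_key = issue("Example CA", 1)
  _other, other_key = issue("Other CA", 1)
  user, = issue("alice@example.org", 1001, ca, ca_key)
  crls = [publish_crl(ca, ca_key), publish_crl(ca, ca_key, [1001]), publish_crl(ca, other_key, [1001])]
  crls.map { |crl| status(user, ca, crl) }
end
```

The third CRL names the trusted CA as issuer but is signed with a different key, so the relying party rejects it instead of acting on its contents.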

Notary / Time Stamping
- Time Stamping is a special service.
- Time Stamping confirms the receipt of digital data at a specific point in time.
- Time Stamping is used for contracts or other important documents where a receipt needs to be confirmed.

Implementation
Successful PKI implementation requires:
- Technical activities
- Organizational activities
- Inter-Organizational activities

Technical Activities
- Gather the technical requirements for a PKI solution and secure messaging software
- Decide on whether to buy or develop
- Select the hardware and software for the PKI solution and secure messaging solution
- Install and test the system
- Upgrade the network infrastructure and implement the selected solutions

Technical Activities
Compile the requirements and come up with a concept of how to operate with and utilize keys:
- Key generation
- Key management
- Distribution and exchange of certificate and private key
- Key separation
- Archiving of the certificate, and if necessary, the private key
- Change and validation of certificate and if necessary, the private key
- Manage the access to and representative use of the certificate and private key
- Freezing and destruction of certificates

Summary of Technical Activities

Organizational Activities
- Definition of Certification Practice Statement (CPS)
- Development of a security concept for the CA and security policies
- Actions in case of suspected or recognized compromise of the Private CA Key
- Responsibility, representative regulation, storage, validity of Private CA Signing Key

Inter-Organizational Activities
- Relying Party Agreements
- Policy Mapping
- Establishing Trust Relationships
- Exchange Root Certificates
- Cross Certification
- CA Bridging

Conclusion
Successful PKI Implementation involves:
- Technical Activities
- Organizational Activities
- Inter-Organizational Activities
The organizational and inter-organizational activities are the larger and the more critical part.
