Establishing a Digital Identity Martin Roe - Director of Technology, Royal Mail ViaCode.

Slides:

Advertisements

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

Advertisements

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Respecting Privacy in Global Networks/ Guernsey, Wednesday 11 th April, Paula Ortiz López Spanish Data Protection Agency.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Elias M. Awad Third Edition ELECTRONIC COMMERCE From Vision to Fulfillment 13-1© 2007 Prentice-Hall, Inc ELC 200 Day 23.

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Ecommerce Applications 2009/10 Session 31 E-Commerce Applications E-payment.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false.

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Digital Cash By Gaurav Shetty. Agenda Introduction. Introduction. Working. Working. Desired Properties. Desired Properties. Protocols for Digital Cash.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Secure Electronic Transaction (SET)

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Internet Security for Small & Medium Business Week 6

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

SODA Archiving October 2013

Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.

Traditional and Electronic Payment Methods Chapter 3.

Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Network Security Lecture 26 Presented by: Dr. Munam Ali Shah.

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Time/Date Stamp Time/Date Stamp Authorization Secure Non- repudiation Secure Non- repudiation Key Recovery Key Recovery Message Confidentiality Message.

Risks of data manipulation and theft Gateway Average route travelled by an sent via the Internet from A to B Washington DC A's provider Paris A.

Dimensions of E – Commerce Security

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.

COEN 351 Non-Repudiation. A non-repudiation service provides assurance of the origin or delivery of data in order to protect the sender against false.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Public Works and Government Services Canada Travaux publics et Services gouvernementaux Canada Brenda Watkins Director Policy and Business Strategies Information.

DIGITAL SIGNATURE.

Belgian EID Card 15/12/2004 Derette Willy eID program manager.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias.

Electronic Banking & Security Electronic Banking & Security.

The technology behind the USPS EPM. AND COMPLIANCE March 25, 2004 Adam Hoffman.

Henric Johnson1 Secure Electronic Transactions An open encryption and security specification. Protect credit card transaction on the Internet. Companies.

TAG Presentation 18th May 2004 Paul Butler

SSL Certificates for Secure Websites

TAG Presentation 18th May 2004 Paul Butler

BY GAWARE S.R. DEPT.OF COMP.SCI

E-Government Government Gateway Overview.

Richard Purcell Corporate Privacy Officer Microsoft Corporation

Security in ebXML Messaging

e-Security Solutions Penki Kontinentai Vladas Lapinskas

Presentation transcript:

Establishing a Digital Identity Martin Roe - Director of Technology, Royal Mail ViaCode

What’s in a name?

Work Health Club Family Member Who am I? Citizen

Work Health Club Family Member One Signature! Who am I? Citizen

The Signature is mine Because I signed it! Note that the Signature is: Perpetual (All my life) Not affected by value of the transaction This is clearly open to Fraud: Risk can be reduced by using Notaries Checks are increased if value rises Signing a Contract

Digital ID’s

Digital signatures are ‘One Off’ Associated with a single transaction Signatures are validated against Keys Keys need to be under tight control Private secure/Public readily available Issuer must maintain history/audit Oddly, less open to fraud Processes are tighter Digital Signatures

Both Specific or General Use Other uses achievable Restricted by liability Restricted by law (currently) PKI Technology Mature Extending Storage Medium PC, Smart Cards, WAP Devices Has a full revocation method Needs a Trusted Issuing Party Digital Signatures

Examples Travel Agents Insurance Brokers Insurance Assessors Auditors Trusted Third Parties

OK; I’ve got a Digital Signature. The world knows who I am; ViaCode have validated me! Now, what can I use it for? Signing Documents Digitally

Legal Defintions (CITU/PIU)

ViaCode: Citizen Authentication

ViaCode: Business Authentication

PKI provides: Content Confidentiality through Encryption Content Integrity Authentication of both Parties ViaCode: Document Exchange

PKI does NOT provide: Non Repudiation; inability to deny an event Backed by a Trusted Organisation Backed by Insurance/Liability protection Backed by Audit/Forensic Evidence ViaCode: Document Exchange

Send /Document to Royal Mail in an Encrypted Session Receipt Acknowledgement ViaCode: Document Exchange

Royal Mail re- transmits the Document but without ‘Keys’ Opening Requests ‘Keys’ ? ‘Keys’ are Returned ViaCode: Document Exchange

The Originator is informed that the transaction is complete OR ViaCode: Document Exchange

The Originator is informed that the transaction is INCOMPLETE X ViaCode: Document Exchange

State of the Art

Within the Post Office.. Secure track and trace facility for selected customers Veronica - International Services can have secure communications with their Dutch division ViaCode: State of the Art

Major Reseller partnership 300,000 potential certificate holders Secure communications between European network Export documentation process reduced from 3 days to 3 hours with ViaCode ViaCode: State of the Art

New Second Generation Portal Launch Portal web site with trust a key feature of differentiation Planning for over 2 million subscribers ViaCode certificates will secure all transactions and communications launching summer 2000 Corporate Solution involving Royal Mail, POCL & Parcelforce ViaCode: State of the Art

Operating as a reseller of ViaCode in the Channel Islands Targeting lucrative banking, legal and finance sectors Applications such as on line contract signing money transfer requests and insurance quotes ViaCode: State the Art

Government The e-commerce minister Patricia Hewitt MP used a ViaCode certificate in the first ever digital signing of an agreement between two European Governments(Mar 2000) Legal Sector 8 contracts secured in March 2000 alone ViaCode: State the Art

Establishing a Digital Identity Martin Roe - Director of Technology, Royal Mail ViaCode