Presentation is loading. Please wait.

Presentation is loading. Please wait.

PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias.

Published byPhillip Roberts Modified over 8 years ago

Similar presentations

Presentation on theme: "PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias."— Presentation transcript:

1 PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias

2 2 AGENDA Application Form & Required Documents Validation Process Renewal Process Certificate Issuance

3 3 Applicant validation – Required Documents For certificate issuance the following documents must be delivered to the CSE and thereafter to Adacom: – A validated photocopy of the end user’s identity card or passport It is important that the name of the notary is stated clearly as well as the date of the attestation. – The completed Application Form (one for each applicant). In case that the required documents delivered by an Authorized Person on behalf of the Applicant, an authorization document must be also provided to the CSE.

4 4 Application Form – Applicant Details FSI Event, May 24 th, 2012, Athens Part A

5 5 Application Form - Terms & Conditions FSI Event, May 24 th, 2012, Athens Part B Use for submission

6 6 Application Form – The Approval FSI Event, May 24 th, 2012, Athens Part C

7 7 Applicant validation – The process Completion of the application form Provision of the required documents Documents ‘ Approval & Applicant’s identificati on Secure Signature Creation Device Delivery (USB token) Enrollment Electronic Certificate Issuanse Storage to the USB token Ready for use FSI Event, May 24 th, 2012, Athens Validation ProcessCertificate Issuance Process

8 8 Validation Process - The Scenarios Scenario 1: Physical Presence Scenario 2: Authorized Person for submitting the application FSI Event, May 24 th, 2012, Athens

9 9 Scenario 1: Physical Presence Applicant – Request a validated copy of his National Identification Card – Complete the Application Form – Deliver the Application Form and the validated copy of his National Identification Card, to CSE CSE – Check the documents – Approve the application – Deliver the USB token to the Applicant – Sends documents to Adacom Adacom – Receives and check all the documents – Issues certificate after applicants certificate enrollment request FSI Event, May 24 th, 2012, Athens

10 10 Scenario 2: Authorized Person for submitting the application Applicant – Complete the Application Form at a certifying officer by presenting his National Identification Card at a Certifying Officer. The Certifying Officer ensures the original of the signature – Request a validated copy of his National Identification Card – Deliver the Application Form and the validated copy of his National Identification Card, to the Authorized Person Authorized Person – Deliver the Application Form and the validated copy of the National Identification Card of the applicant to CSE CSE – Check the documents – Approve the application – Deliver the USB token to the Applicant – Sends documents to Adacom Adacom – Receives and check all the documents – Issues certificate after applicants certificate enrollment request

11 11 USB Token Delivery & Use Upon receipt of the documents by CSE, the required Secure Signature Creation Device (USB token) will be given to the applicant. The delivery of the above can be made: – From the CSE Directly to the applicant during the validation procedure in the CSE offices, or To the legally authorized representative. After successfully finishing the enrolment procedure from the Applicant, the Electronic Certificate will be issued and stored in the USB Token, and the user will be able to use it for signing and encrypting e-mails and digital documents.

12 12 Certificate Issuance The applicant visits a specific URL in which fills in all the required fields, according to the documents provided during validation. Certificate Enrollment After the enrollment is made, the Registration Authority authenticates the request compared to the documents submitted from the applicant and if everything is correct accepts the issuance of the certificate. Accept certificate issuance After the acceptance of the certificate request from the RA, an email is automatically delivered to the applicant with a PIN and a URL, in order the applicant to receive the certificate. Certificate Pickup FSI Event, May 24 th, 2012, Athens

13 13 Certificate Enrollment In the URL, the user choose the Enroll button to enroll for his certificate The Assentation page is displayed to the user, which has to read and accept in order to continue FSI Event, May 24 th, 2012, Athens

14 14 Certificate Enrollment In the Enrollment page, the user fills all the required information according to the documents provided during validation. The user fills in the Challenge Phrase which will use later to pickup his certificate The user reads the Subscriber Agreement and click Submit. FSI Event, May 24 th, 2012, Athens

15 15 Certificate Enrollment A message appears asking the user to confirm his email address. A web access message appears informing the user that a digital certificate operation is going to take place. The token interface appears in which the user has to put his PIN. A window appears in which the token is in progress of generating the keys for the user certificate FSI Event, May 24 th, 2012, Athens

16 16 Certificate Enrollment After the enrollment is finished, a web page appears informing the user that the enrollment is submitted for approval. In case an error happens during the enrollment procedure, the web page will display a brief explanation and in some cases also an error code FSI Event, May 24 th, 2012, Athens

17 17 Certificate Pickup After the Registration Authority authenticates the request compared to the documents submitted from the applicant and if everything is correct accepts the issuance of the certificate. An email is send to the user with a PIN and URL to pickup the certificate In the URL the user enters the PIN and the token interface appears in which the user has to put the token PIN A web access message appears informing the user that a digital certificate operation is going to take place A congratulation page appears displaying the certificate information FSI Event, May 24 th, 2012, Athens

18 18 The Renewal Process The certificate has 1 year validity period. So it must be renewed each year. The renewal process will generate a new key pairs for the renewed certificate The validation process for the certificate renewal can be made with 2 ways: – The user is re-authenticating by delivering the necessary documents to the CSE, following the same procedure as it was for the initial request for certificate. This is done when one or more of the following conditions are met: –The identity card or the passport is not further valid. –The validated photocopy is not further valid. –The user’s data are changed. – In case all the above conditions do not apply, the user can sends a digital signed e-mail in which he/her must affirm that there is no change to his/her details, to: CSE_DS@cse.com.cy & CSE_DS@adacom.com, requesting an approval for renewing his/her certificate. This requires the following:CSE_DS@cse.com.cy CSE_DS@adacom.com –The certificate is not expired –The certificate is not revoked

19 19 The Renewal Process Send signed email for declaratio n Request Approval Applicant’ s identificati on Enrollmen t Electronic Certificate Issuance Storage to the USB token Ready for use FSI Event, May 24 th, 2012, Athens Renewal Process Certificate Issuance Process

20 20 The Revocation Process A certificate can be revoked by one of the following ways: – From the user itself, either directly on the provided URL or by informing CSE or Adacom – From the Certificate Authority A certificate should be revoked if: – There has been a loss, theft, modification, unauthorized disclosure, or other compromise of the private key of the Digital ID’s subject. – The Digital ID’s subject has breached a material obligation under the CPS or applicable subscriber agreement – The Digital ID was issued in a manner not materially in accordance with the procedures required by the Adacom CPS. – The Digital ID was issued to someone other than the person named as the subject of the Digital ID. – The Digital ID was issued without the authorization of the person named as subject of the Digital ID.

21 21 Certificate Revoke In the URL, the user choose the Revoke button to revoke his certificate In the revoke page the user search his certificate using either his email address or his full name The certificate is displayed. In case the user has more than one certificates, all his certificates will be displayed. The user choose the certificate that wants to revoke. A new page appears with more details of the certificate. If everything is ok, the user choose to revoke the certificate and enters the Challenge phrase he used during enrollment and choose a reason why he revokes it FSI Event, May 24 th, 2012, Athens

22 22 Applicant Responsibilities Data included in the Application form for Qualified Certificate are true and valid and may be asked during the submission of the electronic application for the Digital Certificate. Digital Certificates are used only for approved and legal scopes, according to the Adacom Certification Practice Statement (CPS). The USB token that will be sent to you is strictly personal, as well as the Digital Certificates that will be issued or stored in this token by you, and you are solely responsible for their use. You have to treat the USB Token like any object containing private data (for example a credit card). Under no circumstances are you supposed to leave the USB token exposed, not even in your own office. Additionally, after its use you must place it in a secure location. You are not to lend your USB token or disclose its Access ID ΡΙΝ to anyone. No unauthorized person should ever have access to your signature and encryption private keys. Upon facing a problem or upon having suspicions that your private key has been compromised or your USB token has been misplaced, stolen or destroyed, contact the Customer Support at once. FSI Event, May 24 th, 2012, Athens

23 23 QA FSI Event, May 24 th, 2012, Athens

24

Download ppt "PKI Services for CYPRUS STOCK EXCHANGE Kostas Nousias."

Similar presentations

11/2/2013 2:02:38 AM 5864_ER_FED 1 Importing Certificates into Lotus Notes R6.

11/2/2013 2:02:38 AM 5864_ER_FED 1 Importing Certificates into Lotus Notes R6.
Module: 201 Create and Manage Your Agent Account.

Module: 201 Create and Manage Your Agent Account.
Welcome To SPARROW Website URL

Welcome To SPARROW Website URL
Digital Certificate Installation & User Guide For Class-3 Certificates.

Digital Certificate Installation & User Guide For Class-3 Certificates.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide

Installation & User Guide
Dating Portal showcase Copyright © 2007 Credentica Inc. All Rights Reserved. February 15th - 16th, 2007.

Dating Portal showcase Copyright © 2007 Credentica Inc. All Rights Reserved. February 15th - 16th, 2007.
New Filing Procedures: Filing Business Documents Online Tom Riley, Assistant Secretary of State Business Services Division (601) 359-1633 www.sos.ms.gov.

New Filing Procedures: Filing Business Documents Online Tom Riley, Assistant Secretary of State Business Services Division (601)
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.

EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.
Electronic Timesheet User Manual

Electronic Timesheet User Manual
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Department of Labor HSPD-12

Department of Labor HSPD-12
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct, 17 2012.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
Welcome to Florida International University Online J.O.B.S. Link Applicant Tutorial.

Welcome to Florida International University Online J.O.B.S. Link Applicant Tutorial.
Customer Service Module Course Contents Table of Contents Enter A Request Search A Request Create Invoice (Funeral home request) Search Invoice Manage.

Customer Service Module Course Contents Table of Contents Enter A Request Search A Request Create Invoice (Funeral home request) Search Invoice Manage.
1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.

1 REUNA Certificate Authority Juan Carlos Martínez REUNA Chile Rio de Janeiro,27/03/2006, F2F meeting, TAGPMA.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

Similar presentations

Ads by Google