Presentation is loading. Please wait.

Presentation is loading. Please wait.

CAISO Public Key Infrastructure: Supporting Secure ICCP Leslie DeAnda Senior Information Security Analyst, Information Security, CAISO EMS Users Group.

Published byJayson Howard Modified over 8 years ago

Similar presentations

Presentation on theme: "CAISO Public Key Infrastructure: Supporting Secure ICCP Leslie DeAnda Senior Information Security Analyst, Information Security, CAISO EMS Users Group."— Presentation transcript:

1 CAISO Public Key Infrastructure: Supporting Secure ICCP Leslie DeAnda Senior Information Security Analyst, Information Security, CAISO EMS Users Group Conference Austin, Texas September 24 th, 2007

2 2 Secure ICCP Data sharing between systems is necessary ICCP’s inherent lack of security Regulations require security controls be implemented

3 3 Basic Trust Model When two parties engage in a transaction they must: 1.Mutually trust each other's identity 2.Trust that both parties are allowed to engage in the transaction 3. Trust that no third party can know the details of the transaction 4. Trust that no third party can change any part of the transaction 5. Trust that neither party can deny having engaged in the transaction 6. Trust that a record of the transaction is kept for future reference

4 4 Public Key Infrastructure Overview Infrastructure which enables secure communication over unsecured networks, utilizing public and private key pairs obtained through a trusted authority. Public and private keys are created simultaneously, and have a direct correlation Private key must never be divulged...If so, the certificate must be revoked and reissued Can be used in a variety of ways to support security requirements

5 5 Public Key Infrastructure Components Certificate Policy and Certificate Practice Statements CP: What must be done to meet security requirements CPS: How security requirements must be met Certificate Authorities Trusted authorities which issue credentials to validated entities Registration Authorities Trusted authorities which validate certificate requests and communicate securely with certificate authorities

6 6 Public Key Infrastructure Components (continued) Certificates Credentials issued to validated entities from a trusted source Certificate Revocation Lists (CRLs) and CRL Distribution Points (CRLDPs) List of un-trusted, valid certificates issued from a specific CA Lightweight Directory Access Protocol (LDAP) Central directory providing data to Subscribers and Relying Parties

7 7 Public Key Infrastructure Overview CAISO_Test_CACAISO_Issuing_CA CAISO_Root_CA LDAP RA Entity CRLs CRLDPs CSR Certificate CSR Certificate CAISO Website CP CPS

8 8 Certificate and Key Lifecycle

9 9 Benefits of Public Key Infrastructure Mutual identification Allows participants to confidently know with and authenticationwhom they are conducting business without third party intervention Access ControlEnsures that an entity can only perform actions for which it has permission Confidentiality Ensures that only the intended recipient can protectioninterpret the data Integrity protectionEnsures that the sender of a message can detectif data has changed while in transit

10 10 Questions ???? Contact Information: Leslie DeAnda, Sr. Information Security Analyst, CAISO ldeanda@caiso.com or (916) 351-2211 ldeanda@caiso.com

Download ppt "CAISO Public Key Infrastructure: Supporting Secure ICCP Leslie DeAnda Senior Information Security Analyst, Information Security, CAISO EMS Users Group."

Similar presentations

RPKI Certificate Policy Status Update Stephen Kent.

RPKI Certificate Policy Status Update Stephen Kent.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Apr 20 th, 2009.

Classic X.509 secured profile version 4.2 Proposed Changes David Groep, Apr 20 th, 2009.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Certificates Last Updated: Aug 29, 2013. A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.

Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct, 17 2012.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
Public Key Infrastructure (X509 PKI)

Public Key Infrastructure (X509 PKI)
Public Key Infrastructure Ben Sangster February 23, 2006.

Public Key Infrastructure Ben Sangster February 23, 2006.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Similar presentations

Ads by Google