Uncle Sam, Meet The PKI! Richard Guida Chair, Federal PKI Steering Committee Michèle Rubenstein Department of the Treasury,


1 Uncle Sam, Meet The PKI!
Richard Guida, Chair, Federal PKI Steering Committee, richard.guida@cio.treas.gov
Michèle Rubenstein, Department of the Treasury, Chair, EMA Board of Directors, michele.rubenstein@cio.treas.gov

2 Federal PKI Interoperability
- Overview
- Organizational Framework
- Bridge Certification Authority Concept
- Design Requirements
- Meaning of Interoperability
- Current Status
- Challenges
- Path Ahead

3 Organizational Framework
- Well over two dozen agency PKIs
- No single Federal hierarchical root
- Full spectrum of COTS products
- Widely divergent agency requirements
- Strong desire to interoperate (communicate accepting certificates from other sources)

4 Bridge Certification Authority
- Non-hierarchical “hub”
- Designed under Federal PKI Steering Committee auspices
- CP/CPS under development - will support four levels of assurance (rudimentary, basic, medium, high)
- Operated by, and will exist at, the National Technical Information Service

5 Bridge Certification Authority (2)
- Will operate under auspices of Federal Policy Management Authority (FPKI Steering Committee)
- Agencies can apply to have their CAs cross-certify - FPMA decides level of assurance

6 Bridge Certification Authority (3)
- Once cross-certified, Bridge allows construction of trusted path between CA domains
- Initial focus is interagency interoperability, but also plan to do so with external parties

7 Design Requirements
- High assurance for Bridge itself
- Must honor four levels of assurance for cross-certified CAs
- Must be hosted at Federal agency (NTIS)
- Must meet MISPC and FIPS 140-1
- Must allow trusted path creation
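The trusted-path idea from slides 4 through 7, as an added example that is not part of the original presentation: a small model of path building through a non-hierarchical bridge, where the assurance of a path is the lowest level asserted by any cross-certificate on it. The agency CA names and their levels are constructed sample data, and the model covers only topology and assurance levels, not signature, validity or revocation checks.

```python
from collections import deque

# Assurance levels named on the slides, lowest to highest.
LEVELS = ["rudimentary", "basic", "medium", "high"]
RANK = {name: i for i, name in enumerate(LEVELS)}

# Constructed sample data: (issuer, subject) -> assurance level asserted in
# the cross-certificate. Agency names and levels are hypothetical.
CROSS_CERTS = {
    ("AgencyA-CA", "Bridge"): "high",
    ("Bridge", "AgencyA-CA"): "high",
    ("AgencyB-CA", "Bridge"): "medium",
    ("Bridge", "AgencyB-CA"): "medium",
    ("AgencyC-CA", "Bridge"): "basic",
    ("Bridge", "AgencyC-CA"): "basic",
}


def build_path(anchor, target_ca, required, certs=CROSS_CERTS):
    """Breadth-first search from the relying party's trust anchor to target_ca,
    following only cross-certificates at or above the `required` level.

    Returns (path, effective_level), where effective_level is the lowest level
    on the path, or None when no acceptable path exists.
    """
    need = RANK[required]
    queue = deque([(anchor, [anchor], len(LEVELS) - 1)])
    seen = {anchor}
    while queue:
        ca, path, floor = queue.popleft()
        if ca == target_ca:
            return path, LEVELS[floor]
        for (issuer, subject), level in certs.items():
            # Skip edges from other CAs, loops, and certificates below the bar.
            if issuer != ca or subject in seen or RANK[level] < need:
                continue
            seen.add(subject)
            queue.append((subject, path + [subject], min(floor, RANK[level])))
    return None


if __name__ == "__main__":
    print(build_path("AgencyA-CA", "AgencyB-CA", "medium"))
    print(build_path("AgencyA-CA", "AgencyB-CA", "high"))
```

A relying party in one agency reaches any other cross-certified agency in two hops through the hub, and a CA that has not cross-certified with the bridge is simply unreachable.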

8 Meaning of Interoperability
- Policy
- Technical
  - Algorithms
  - Protocols
  - Encryption key recovery schema consistency

9 Current Status (as of Oct 98)
- Funding committed (pending budget passage)
- In design stage
- Once notional design developed, will be vetted through FPKI Steering Committee Technical Working Group (vendors)
- Developing EMA Challenge participation

10 EMA Challenge '99
- Demonstrate standards-based, secure, global EC environment featuring interoperable PKI
- Goals
  - Demonstrate scalable, standards-based PKI using COTS products that is transparent to users
  - Identify key issues, raise awareness, and determine solutions for a multi-domain PKI
  - Demonstrate the capabilities of COTS products and their ability to interoperate

11 EMA Challenge '99
- Foundation applications are web-based EC and secure messaging
- Some of the participants: BT, NTIS, Entrust, Xcert, European Commission, Baltimore, Boeing, GTE Cybertrust, GSA, Treasury
- Documentation and information: www.ema.org/challenge99

12 Challenges
- Dealing with OCSP vs. CRL domains for revocation checking
- Ensuring Bridge supports all COTS products agencies may select
- Ensuring Bridge’s full potential is used
- Making client software use the Bridge
- Mapping applicant CA’s assurance levels to those of Bridge

13 Path Ahead
- Complete design and vet through Technical Working Group
- Get Bridge pilot operating (early 1999)
- Participate in EMA Challenge 99
- Attract appropriate applications
- Since fully funded through Sept 2000, expect no charge to cross-certify until afterwards (but depends on actual usage)

