
The Federal Bridge Certification Authority – Description and Current Status Peter Alterman, Ph.D. Senior Advisor to the Chair, Federal PKI Steering Committee.


1 The Federal Bridge Certification Authority – Description and Current Status Peter Alterman, Ph.D. Senior Advisor to the Chair, Federal PKI Steering Committee and Acting Director, Federal Bridge Certification Authority

2 The FBCA Architecture
[Diagram labels: Bridge CA and Directory; CA, Directory, End users; Trust paths]

3 FBCA Overview
- Designed for the purpose of creating trust paths among PKI domains
- Issues cross-certificates to Member CAs only
- Employs a distributed, NOT a hierarchical, model
- Commercial products participate within the membrane of the Bridge OR interoperate with products within the membrane
- Develops cross certificates within the membrane to bridge the gap among dissimilar products

4 FBCA Goals
- Leverage emerging Federal Agency PKIs to create a unified Federal PKI
- Limit workload on Agency CA staff
- Support Agency use of:
  - Any FIPS-approved cryptographic algorithm
  - A broad range of commercial CA products
- Propagate policy information to certificate users in different Agencies

5 FBCA Operation
- Issues Cross-Certificates to Participating CAs only
- FPKI Steering Committee oversees FBCA development and operations
  - Documentation
  - Enhancements
  - Client-side software
- Operates in accordance with Policy Authority and FPKISC direction

6 FBCA Management Hierarchy
- Steering Committee oversees FBCA development and operations
  - Direct Operational Authority
  - Bridge Documentation
  - Enhancements
- Policy Authority determines participants and levels of cross-certification
  - Administers Certificate Policy
  - Approves requests to cross-certify
  - Enforces compliance by member organizations
- GSA named Operational Authority
  - Operates in accordance with Policy Authority and Steering Committee direction

7 Current Status - August 10, 2001
- Policy Authority approved final documentation on June 18, 2001
  - Certificate Policy
  - Certification Practices Statement
  - Independent Compliance Analysis
- FBCA “open and ready for business” at the GSA/FTS WillowWoods facility operated by Mitretek Systems on June 7, 2001
- Prototyping/Compatibility lab continues operational off-site
- Hot backup site nearing completion
- C & A Audit under way by KPMG
- Three federal agencies and one state government preparing documentation for application for interoperability with Bridge: NASA, NFC, FDIC, Illinois

8 What Will It Take to Use the FBCA?
- Policy mapping of certificate policies
- Sharing annual audits
- Careful management of cross-certificates to limit transitive trust (exclusion trees)
- Directory interoperability and synchronization
- Client software for certificate path discovery and processing
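
Added example, not part of the original presentation: a simplified model of client-side path discovery through a bridge, showing how policy mapping and an exclusion placed in one cross-certificate limit transitive trust. The CA names, policy labels and the CROSS_CERTS table are constructed for illustration, and exclusion by CA name is a stand-in assumption for the "exclusion trees" the slide mentions.

```python
from collections import deque

# Constructed sample cross-certificates (hypothetical names, not real FBCA data):
# (issuer CA, subject CA, policy mapping issuer-domain -> subject-domain,
#  CA names the issuer excludes from any path that continues through this cert)
CROSS_CERTS = [
    ("AgencyA", "Bridge",   {"A-medium": "bridge-medium"},   {"PartnerX"}),
    ("Bridge",  "AgencyA",  {"bridge-medium": "A-medium"},   set()),
    ("Bridge",  "AgencyB",  {"bridge-medium": "B-standard"}, set()),
    ("Bridge",  "StateC",   {"bridge-medium": "C-basic"},    set()),
    ("StateC",  "PartnerX", {"C-basic": "X-any"},            set()),
]

def discover_path(anchor, target, policy):
    """Breadth-first search from the relying party's trust anchor to the
    target CA. Returns (path, policy as mapped into the target domain),
    or None when no acceptable trust path exists."""
    queue = deque([(anchor, [anchor], policy, frozenset())])
    while queue:
        ca, path, pol, excluded = queue.popleft()
        if ca == target:
            return path, pol
        for issuer, subject, pmap, excl in CROSS_CERTS:
            if issuer != ca or subject in path:
                continue                  # wrong issuer, or would loop
            if pol not in pmap:
                continue                  # required policy has no mapping here
            new_excluded = excluded | excl
            if subject in new_excluded:
                continue                  # an earlier cross-cert forbids this CA
            queue.append((subject, path + [subject], pmap[pol], new_excluded))
    return None

if __name__ == "__main__":
    # Path exists through the bridge, and the policy is mapped hop by hop.
    print(discover_path("AgencyA", "AgencyB", "A-medium"))
    # StateC trusts PartnerX, but AgencyA excluded it, so trust is not transitive.
    print(discover_path("AgencyA", "PartnerX", "A-medium"))
    # A policy that was never mapped to the bridge yields no path at all.
    print(discover_path("AgencyA", "AgencyB", "A-basic"))
```
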

9 Next Steps
- Continue to bring federal agencies into interoperability
- Bring additional products into Bridge membrane and/or verify interoperability with products in membrane: working with RSA, Cylink, Spyrus and talking with VeriSign and Microsoft
- Pursue interoperability with State PKIs
- Pursue interoperability with Nation of Canada
- Pursue interoperability with non-government sector bridges

10 References
- Federal PKI Steering Committee Website: http://www.cio.gov/fpkisc
- FBCA Page: http://www.cio.gov/fpkisc/fbca/index.htm
- NIST PKI Website: http://csrc.nist.gov/pki

