Presentation is loading. Please wait.

Presentation is loading. Please wait.

Exchange of digitally signed SPSCertificate messages Overview of prototype of digital signature applied to SPSCertificate message between national systems.

Published byElwin Banks Modified over 9 years ago

Similar presentations

Presentation on theme: "Exchange of digitally signed SPSCertificate messages Overview of prototype of digital signature applied to SPSCertificate message between national systems."— Presentation transcript:

1 Exchange of digitally signed SPSCertificate messages Overview of prototype of digital signature applied to SPSCertificate message between national systems and TRACES UN/CEFACT Forum Geneve, April 7-11 2014

2 What do we currently have? SPSCertificate based message exchange with TRACES is available New Zealand is getting ready to exchange on large scale: Fishery products Meat of bovine and ovine animals Target is to make exchanges with non- repudiation to enable the paperless exchange Digital signature will enable this

3 Digital Signature overview Hash Function Message Signature Private Key of sender Encryption Digest Message Decryption Public Key of sender Hash Function DigestAlgorithm DigestAlgorithm Expected Digest Actual Digest Compare

4 How will we apply digital signature? On the incoming messages (SPSCertificate) Signed by sending authority On the reply (SPSAcknowledge) Signed by TRACES Based on our recommendations made in analysis presented in Geneva in April 2013: Enveloping signature XML-based (XAdES) Timestamp froml trusted time stamp authority (TSA) for archival purposes

5 Example of signed SPSCertificate message Enveloping Signature SPSCertificate enveloped in the Signature

6 Architecture Overview ClientTRACES ESSI XMLGate Signed SPSCertificate message Signed SPSCertificate message forwarded Signature validated Certificate data validated, stored SPSAcknowledgement created, signed SPSAcknowledgement returned

7 First use-case: New Zealand exports to EU Meat products, fishery products 15000 – 20000 documents per year Digitally signed health certificates for export to the EU from NZ eCert system Digitally signed acknowledge messages from TRACES Machine-to-machine signature (eCert / TRACES)

8 Certificates to use TRACES will use certificate provided by ESSI (Commission as Legal Entity) New Zealand certificate provider (probably) not on EU trusted list No global solution in sight for this problem: Bilateral agreement on technologies and profiles Both sides must test each other's signed messages for interoperability We may need to define a "SANCO TLS" to add the CSP used in New Zealand to ESSI infrastructure

9 The steps ahead Agree on CSP on both sides Agree on technical details for interoperability (XAdES level, profile…) If necessary, define a "SANCO TLS" Off-line verification of signed messages from both sides Integrate to trust services on both sides Start the exchange Electronic "vault" needed – legal requirements?

Download ppt "Exchange of digitally signed SPSCertificate messages Overview of prototype of digital signature applied to SPSCertificate message between national systems."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
17 March 2010 Workshop on Efficient and Effective eGovernment FASTeTEN : a Flexible Technology in Different European Administrative Contexts

17 March 2010 Workshop on Efficient and Effective eGovernment FASTeTEN : a Flexible Technology in Different European Administrative Contexts
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.

S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.
PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.

Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.
PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.

PAPERLESS BUSINESS in GEORGIAN FINANCIAL SECTOR NANA ENUKIDZE - Advisor to the Governor.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,

DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,
European Signatures versus Global SignaturesRome, 7 April, 2003 EESSI open specifications and interoperability The state of the art in Italy Giovanni Manca.

European Signatures versus Global SignaturesRome, 7 April, 2003 EESSI open specifications and interoperability The state of the art in Italy Giovanni Manca.
NDSU Lunchbytes Are They Really Who They Say They Are? Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,

NDSU Lunchbytes "Are They Really Who They Say They Are?" Digital or Electronic Signature Information Rick Johnson, Theresa Semmens, Lorna Olsen April 24,
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Archive Time-Stamps-Syntax Dr. Ulrich Pordesch

Archive Time-Stamps-Syntax Dr. Ulrich Pordesch
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Digital Signature Xiaoyan Guo/102587 Xiaohang Luo/104446.

Digital Signature Xiaoyan Guo/ Xiaohang Luo/
UN Economic Commission for Europe 23rd UN/CEFACT FORUM 7-11 April 2014 23rd UN/CEFACT FORUM – Geneva Tahseen A. Khan Project Proposal : Trusted Third Party.

UN Economic Commission for Europe 23rd UN/CEFACT FORUM 7-11 April rd UN/CEFACT FORUM – Geneva Tahseen A. Khan Project Proposal : Trusted Third Party.

Similar presentations

Ads by Google