Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Security Requirements for Business Communication HENRIQUE DE CONTI.

Published byJulian Ward Modified over 9 years ago

Similar presentations

Presentation on theme: "Www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Security Requirements for Business Communication HENRIQUE DE CONTI."— Presentation transcript:

1 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Security Requirements for Business Communication HENRIQUE DE CONTI Director — Membership and Information Services

2 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 About BRISA Main Protections for e-business e-business protections — Technical Solutions Legal Issues Brazilian Legal Framework Schedule

3 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 BRISA is...  12 years old association whose mission is to support members in developping solutions in Telecommunications and Informatics  Not for profit, private, open for any company, exempt, independent, accredited as a Public Utility Organization since 1992 About BRISA

4 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Members 5/16/01

5 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 offices members staff BRISA has...

6 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Consumer Online Spending Reaches $8.3 Billion in 2005 (in billions) Total Online SpendingPercent of Online Buying Source: Jupiter Internet Commerce Model, 02/00

7 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Authentication of origin guarantee identity of the originator of a message or object implies non-repudiation of origin (independent CA) guarantees integrity against corruption of message or information object (accidental or malicious) not used as contractual binding Signature proof that the originator accepts all responsabilities for object or message validity  validity of originator’s pair of keys offers all protections of Authentication of Origin tied to document formation (hash) exclusive use by owner (verification) e-business — Main Protections (1) (1) EEMA-SPLC Secure Inter-organisational Electronic Messaging Framework

8 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Non-repudiation of content received provides guarantee that a recipient has received message or information object intact as sent recipient cannot deny its reception Notarisation irrevocable proof and guarantee that an information object was subject of Authentication of Origin or Signature authentication or signature occured no later than time and date appended by Notary validity exceeds that of pair of keys of originator information object can be archived offers all protections of Authentication of Origin of Signature applies only to objects e-business — Main Protections (1) (1) EEMA-SPLC Secure Inter-organisational Electronic Messaging Framework

9 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Authentication of origin X.509 Certificate supported by main messaging products (Windows and Linux) Signature X.509 Certificate hash function supported by main messaging products (Windows and Linux) e-business protections Techical Solutions

10 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Non-repudiation of content received no internet protocol standard specification supported by X.400 protocol supported by main messaging products (proprietary solutions) need of a bilateral agreement (if not X.400) Notarisation X.509 Certificate (signed by a Notary) supported by main messaging products (Windows and Linux) Notary  independent third party (usually) e-business protections Techical Solutions

11 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Validity of digital signatures accepted as agreement of proof of wish (not only proof of origin) essential for Government Validity of electronic documents same value than paper documents exceptions for specific situations (not validity for specific situations) Validity of digitalized documents obtained from paper documents  same value than electronic documents exceptions for specific situations, if needed Security definition of crimes by computer (must be caracterized in Penal Laws) Legal Issues

12 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 e-commerce/e-documents Bill 1483/99 (Dep. Dr. Hélio)  electronic invoice Bill 1589/99 (Dep. Luciano Pizzato)  e-commerce  e-documents  signatures  notaries  conditions to offer products and services by electronic means  certification Bill 672/99 (Sen. Lúcio Alcântara)  e-commerce  e-messages  signatures Legal Framework — Brazil Main acts, bills and decrees EC Comission Representatives House Approved Senate  Representative House Joint Comission

13 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 e-commerce/e-documents Dec. 3585/00  validity  government  e-documents (some must be electronic) Dec. 3587  Government PKI  asymmetric keys  certification policy Instruction SRF 156/99  e-CPF (persons) & e-CNPJ (companies)  electronic services  CAs & RAs Legal Framework — Brazil Main acts, bills and decrees bypass lack of laws

14 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 security Bill 84/99 (Dep. Luiz Piauhylino)  crimes by computer  all main crimes Law 9983/00  crimes against Social Security  2 crimes by computer insertion of fraudulent data non-authorized data modification  no other crimes (hacking without modification or insertion, etc.) Dec. 3505/00  Information Security Policy for Federal Administration Legal Framework — Brazil Main acts, bills and decrees

15 www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 HENRIQUE CÉSAR DE CONTI Director — Membership and Information Services henrique.conti@brisa.org.br Tel. +55-61-328 8872Fax +55-61-328 2593

Download ppt "Www.brisa.org.br Copyright BRISA 2001ITU —Multimidia in the 21st CenturyJun 5, 2001 Security Requirements for Business Communication HENRIQUE DE CONTI."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.

AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.
S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.

S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.
PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :

PROJECT ON DIGITAL SIGNATURE Submitted by: Submitted to: NAME: Roll no: Reg.no. :
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct, 17 2012.

Identity Standards (Federal Bridge Certification Authority – Certificate Lifecycle) Oct,
© UPU 2014 – All rights reserved Mitigating online risk for postal e-services.

© UPU 2014 – All rights reserved Mitigating online risk for postal e-services.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,

DIGITAL SIGNATURE AND ELECTRONIC DOCUMENTS IN ITALY Prof. Pierluigi Ridolfi AIPA Authority for Information Technology in the Public Administration V. Solferino,
18/05/99 FAMO- MODELO- 000 1. 18/05/99 FAMO- MODELO- 000 2 REGIONAL HIGH-LEVEL WORKSHOP ON ELECTRONIC COMMERCE AND ICT FOR CENTRAL AMERICA AND THE CARIBBEAN.

18/05/99 FAMO- MODELO /05/99 FAMO- MODELO REGIONAL HIGH-LEVEL WORKSHOP ON ELECTRONIC COMMERCE AND ICT FOR CENTRAL AMERICA AND THE CARIBBEAN.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Information Security of Embedded Systems 3.2.2010: Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Similar presentations

Ads by Google