Presentation is loading. Please wait.

Presentation is loading. Please wait.

Global e-security www.baltimoreinc.com 1 GATEKEEPER CACR Connecticut 09 November 1999.

Similar presentations


Presentation on theme: "Global e-security www.baltimoreinc.com 1 GATEKEEPER CACR Connecticut 09 November 1999."— Presentation transcript:

1 global e-security 1 GATEKEEPER CACR Connecticut 09 November 1999

2 global e-security 2 Overview Origins GPKA Evaluation - process Accreditation - an evolution Critique Look to the future Conclusion and Summary

3 global e-security 3 Origins Commenced in 1997 Three core initiatives  AGEGECThe Law  NOIEA National approach  OGITCommonwealth Government  Target May 1998 Gatekeeper launched May 07, 1998  Minister for Finance & Administration  GPKA Established  Secretariat Established Policy to process

4 global e-security 4 GPKA Government Public Key Authority Established May 1998 Core responsibilities  Manage the GPKI  Promote take - up within the Commonwealth  Recommend accreditation of TTPs  Establish and manage the accreditation process  Set standards for government operation  accredit Identity standards and processes

5 global e-security 5 GPKA - Within a PKAF PARRA International RCA Multi-national RCA Government Run ICA Government Run OCA’s Government Run ORA’s Government Accredited Commercial ICA Government Accredited Commercial OCA Government Run OCA Government Accredited Commercial ORAs Government Run ORA Non Government Run OCA Non Government Run ORA Non Government Accredited ICA Non Government Accredited OCA’s Non Government Accredited ORA’s GPKA Users

6 global e-security 6 GPKA - Membership OGO (Chair) H.I.C. ATO Core (Voting) Members DSD NOIE ? ? AIIA AEEMA PRIVACY Special interest groups Advisory (non voting) members Industry + Government

7 global e-security 7 Evaluation - process Submit Security Policy & Practice Statements For evaluation 1 Submit Procedures For Evaluation 2 Receive Certificate of Evaluation 3 Sign Head Agreement with OGO 4 Submit Agreements & Certificates to GPKA 5 Receive Entry Level GPKI Accreditation 6 Submit Technical Elements to AISEP for Evaluation A Receive DSD Certificate of Accreditation B Submit Procedures For Evaluation C Submit Procedures For Evaluation D

8 global e-security 8 Identity certificates Based on two criteria  Proof Of Identity  Value proposition Proof Of Identity (POI)  Points based  Derived from tax and social security fraud experience Value Proposition  Primary basis is financial commitment  No financial value  $10,000 aggregating to $100,000  $100,000 aggregating to 1,000,000

9 global e-security 9 Accreditation - an evolution GPKA - Government  State  Territory NEAC - National  Advisory board  All authentication JAZANZ - Commercial  PKI only  Standards based NEAC (PARRA) GPKA RCA ICA ORA OCA PAA PCA EE JAZANZ/CFA

10 global e-security 10 GPKA - Process GPKA OGO Secretariat Evaluators CASP

11 global e-security 11 Issues Identity certificates accredited to date Awaiting outcome of Primary attribute Identity certificates SSL certificates not supported (but used) Working groups have been established Outstanding issues  Attribute certificates  Functional certificates  Financial certificates  Registration Authority accreditation  + others

12 global e-security 12 Look to the future Widespread future use across government 3 Million certificates in operation probable by end 2000 Movement to mission critical status Drive towards independent trust proofs The road to recognition  Technical interoperability  Mutual recognition  Cross Certification

13 global e-security 13 Conclusion and summary Australia is at the forefront of PKI technology implementation Many issues as yet unresolved First accreditation achieved in 1999 (Baltimore) First such process at a national level State governments and New Zealand moving to adopt as standard approach More expert resources required at the GPKA Significantly influenced by industry and special interest groups

14 global e-security 14 A word to the wise Never, ever, get yourself into a situation where you go from policy writing to policy implementation


Download ppt "Global e-security www.baltimoreinc.com 1 GATEKEEPER CACR Connecticut 09 November 1999."

Similar presentations


Ads by Google