Presentation is loading. Please wait.

Presentation is loading. Please wait.

S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.

Similar presentations


Presentation on theme: "S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity."— Presentation transcript:

1 s.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity

2 WELCOME TO A NEW LEADING NORDIC COMPANY

3 Many Communities Interacting Together

4 Humans are basically tribal –brought together by common needs –Individual members being trusted within their own communities

5 Many Communities Interacting Together But cross tribal communications are essential to commerce

6 Many Communities Interacting Together So how can contractual trust be established between communities ? € €

7 Many Communities Interacting Together Especially with multiple relationships? € € €

8 Many Communities Interacting Together Especially with multiple relationships? € € € €

9 US Federal Bridge c2006 Not Much Fun ?

10 Legality Liability Conduct What Can Go Wrong? – Why Bother ? Repudiation –Company credentials –Correspondent credentials Dispute –Document Content –Chronology Compliance –Post transaction investigation –Transparency

11 Business Challenges when Dealing with eIDs from Other Communities Determining risk related to accepting an eID from another Community –Quality –Trustworthiness –Liability Establishing business processes for handling those eIDs Predicting cost for authentication and validation with SLAs Managing exceptions S. 11

12 Business Challenges when Dealing with eIDs from Other Communities Determining risk related to accepting an eID from another Community –Quality –Trustworthiness –Liability Establishing business processes for handling those eIDs Predicting cost for authentication and validation with SLAs Managing exceptions S. 12

13 The Role of a Global Validation Service The primary role of a Global Validation Service is to provide a common trust (and hence liability) model enabling secure and trusted message flows between multiple communities using different identity providers without having to establish bilateral agreements between all possible combinations. Effort = Cost = Risk

14 BBS Global Validation Service: History 2006: DNV initiates project to build an independent identity validation service based on proven risk-based methodologies and using Ascertia Technology. 2007: BBS chosen as delivery partner 2009: BBS incorporates Global Validation Service into its SaaS portfolio maintaining DNV for CA risk analysis and T3P integrity. 2009: BBS’s Global Validation Service chosen as Trust Anchor for Norwegian Govt’s eHandel e-Procurement Solution s.14 Det Norske Veritas (DNV) was established in 1864 in Norway. The main scope of work was to identify, assess and manage risk for maritime insurance companies. Today it is globally recognised as a trusted independent party in many sectors. Ascertia is an experienced global provider of electronic identity (eID) validation and advanced digital signature software solutions, focusing on enabling trust within e-commerce environments using digital certificate, signature, timestamp, archive and encryption technologies.

15 DNV Providing Risk Assessment - Example s.15

16 s.16 Global Validation Service Function A Global Validation Service should: –manage signatures from many different communities within the digital process –provide an independent CA quality data for policy based processes –work in a global environment – not just Europe –provide guaranteed service levels for timely business decisions –Inform the Relying Party on the quality and trustworthiness of the signed documents received

17 Aiding inter-Community Relationships Risk reduction –The Global Validation Service takes on the risk management of the transaction Trust –A signature recipient can trust the Global Validation Service, as opposed to multiple Certificate Authorities, each having its own liability agreements under different national laws Business processes –There is one contract partner, one point of billing, one liable actor under contract law, no matter how many communities you interact with. Compliance –There is just one point of enforcement and historical record Security –Documents do not leave local domain. s.17

18 Sequence of Events 1.Sender uses certificate from their CA to sign document 2.Sender transmits signed documents 3.Receiver refers document to BBS via Gateway which ‘hashes’ document for security 4.GVS checks the signature against known Certificate Authorities for quality and applies Receiver’s own policies 5.GVS responds with assessment and ‘Fit for Purpose’ recommendation BBS Global Validation Service Architecture s

19 Certificate Authority 1 Community 1 Global Validation Service CA Quality Level SenderRecipient Certificate Authority 2 Community 2 Certificate Authority 3 Community 3 Connecting Communities s. 19

20 Technical Compliance Uses advanced CRL freshness policies to ensure the most up-to-date answers Supports OASIS, ETSI, IETF, W3C and other relevant industry standards Support for PEPPOL and other EU initiatives Complexity of multiple signature formats, and certificate validation processes managed by GVS: –PDF, XML DSig, PKCS#7, CMS, S/MIME, XAdES, CAdES, PAdES s. 20

21 Summary Inter Community transactions are complex if you wish to manage risk. Digital signatures can solve many issues but..... –The variable quality, risk and liability associated with many different eIDs and eSignatures from different communities leads to complexity and cost A Global Validation Service (GVS) can –act as a single point for compliance and transparency –reduce relying-party needs for many one-to-one contracts –determine if communication is ‘Fit For Purpose’ for the relying party –widen the market access for any community s. 21 Global Validation Services are provided from BBS

22 s.22 Jon Shamah EMEA Head of Sales Mob: BBS, eSecurity Haavard Martinsens vei 54, N-0045 OSLO


Download ppt "S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity."

Similar presentations


Ads by Google