Presentation is loading. Please wait.

Presentation is loading. Please wait.

Johnson & Johnson’s Public Key Infrastructure Bob Stahl

Published byPosy Austin Modified over 8 years ago

Similar presentations

Presentation on theme: "Johnson & Johnson’s Public Key Infrastructure Bob Stahl"— Presentation transcript:

1 Johnson & Johnson’s Public Key Infrastructure Bob Stahl rstahl@corus.jnj.com

2 Nov-2004 - 2 Johnson & Johnson The world’s largest and most comprehensive manufacturer of health care products Founded in 1886 Headquartered in New Brunswick, New Jersey Sales of $42 billion in 2003 200+ operating companies in 50+ countries 109,000+ employees worldwide Customers in over 175 countries

3 Nov-2004 - 3 Baseline PKI Architecture JJEDS Enterprise Directory JJEDS Offline Root CA (ORCA) JJEDS Principal Online CA (POLCA) JJEDS CRL Distribution Website PKI and Directory Enabled Applications Authoritative Feeds - Employees, Partners, Servers, Email addresses, Windows IDs

4 Nov-2004 - 4 JJEDS PKI Principles Based on open standards Directory-driven  Directory is the global identity master Web-based, self service model Strong identity proofing Build and operate it ourselves Separate signing and encryption keys Hardware tokens preferred Support operation in FDA-validated environments

5 Nov-2004 - 5 Standards Based LDAP Directory X.509v3 Certificates and CRLs  RFC 2459, Internet X.509 Public Key Infrastructure Certificate and CRL Profile RFC 2527 Certificate Policy and Certificate Practice Statement  Rewrite underway based on RFC 3647

6 Nov-2004 - 6 Self-Service Registration 1. New employee, Alice, is entered into HR Database 2. Overnight, Alice has an entry in the Enterprise Directory 3. When Alice is ready to get her Digital Identity, she visits the JJEDS web site IVC 4. One-time codes are generated and emailed to Alice and her supervisor Enterprise Directory CAC 4. Alice’s supervisor delivers her IVC to her person-to-person 5. Alice returns to JJEDS and authenticates with her IVC and CAC 6. Alice’s certificates are generated on her client, and provide only her ID, not her access privileges 8. Alice’s signature key is never duplicated -- her decryption key is escrowed for contingencies If Alice ever need to recover an old encryption key, she can do it herself 9. When Alice’s cert is about to expire or if her Name or Email changed, then she can revoke her old certificate and get a new one by herself. 7. Alice’s certificates are published to the Enterprise Directory and from there to the Email directory

7 Nov-2004 - 7 Security Vision Legal & Regulatory Compliance Directory- Centric Corporation (Global Identity Master) Eliminate Passwords Secure Electronic Transactions JJEDS Digital Identities Authoritative Sources Unique identities for people (and machines)

8 Nov-2004 - 8 Applications Directory took off on its own – 150,000+ active entries  WWID-based login  Workflow routing  Phonebook replacement  Online organization charts  Compliance tracking / training  Email lookups for applications

9 Nov-2004 - 9 PKI Applications Remote Access – 60,000+ users Secure Email  Research collaboration  Legal department  Marketing  Personnel discussions Adverse event reporting Skincare marketing intelligence web site SOX compliance reporting Ethics certification Coming Soon – Enterprise Apps  e.g., SAP, Oracle, Windows Login

10 Nov-2004 - 10 Next Leap - SAFE SAFE – Secure Access for Everyone What is it?  Biopharma industry consortium aimed at facilitating e-transactions through SAFE-wide digital credentials  Participants include J&J, Pfizer, Merck, GSK, Aventis, Lilly, PG, Novartis, others  Technology selected for use: PKI PKI perspective:  Additional emphasis on Digital Signatures

11 Nov-2004 - 11 SAFE Value Potential

Download ppt "Johnson & Johnson’s Public Key Infrastructure Bob Stahl"

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
What is. Digital Certificate It is an identity.

What is. Digital Certificate It is an identity.
© 2006 IBM Corporation Tivoli Identity Manager Express Tivoli Access Manager for Enterprise Single Sign-On (Product Demonstrations) Tivoli Live! – 15 June.

© 2006 IBM Corporation Tivoli Identity Manager Express Tivoli Access Manager for Enterprise Single Sign-On (Product Demonstrations) Tivoli Live! – 15 June.
3SKey 3SKey.

3SKey 3SKey.
© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.

© 2013 IBM Corporation IBM Security Systems 1 © 2013 IBM Corporation Identity Management And Session Recording A Partnership with IBM and ObserveIT.
SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.

SAFE BioPharma Association CONFIDENTIAL1 SAFE Public Key Infrastructure (PKI) 2005 EDUCAUSE/Dartmouth PKI Deployment Summit.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
1 Johnson & Johnson: Use of Public Key Technology Rich Guida Director, Information Security Rajesh Shah Sr. Consultant, Information Security.

1 Johnson & Johnson: Use of Public Key Technology Rich Guida Director, Information Security Rajesh Shah Sr. Consultant, Information Security.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Johnson & Johnson Use of Public Key Technology Brian G. Walsh Senior Analyst, WWIS.

Johnson & Johnson Use of Public Key Technology Brian G. Walsh Senior Analyst, WWIS.
UNCLASS DoD Public Key Infrastructure LCDR Tom Winnenberg DISA API1 Chief Engineer 25 April 2002.

UNCLASS DoD Public Key Infrastructure LCDR Tom Winnenberg DISA API1 Chief Engineer 25 April 2002.
HEBCA – Higher Education Bridge Certification Authority Presented by Scott Rea and Mark Franklin, Fed/Ed Meeting, 12/14/2005.

HEBCA – Higher Education Bridge Certification Authority Presented by Scott Rea and Mark Franklin, Fed/Ed Meeting, 12/14/2005.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.

#CONVERGE2014 Session 1304 Managing Telecom Directories in a Distributed or Multi-Vendor Environment David Raanan Starfish Associates.
14 May 2002© 2000-02 TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.

14 May 2002© TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.

Similar presentations

Ads by Google