SWIM Common PKI and policies & procedures for establishing a Trust Framework                           Kick-off meeting Patrick MANA Project lead 29 November 2017

Agenda Welcome - Introduction Tour de table Project scope/objective Technical content Tasks/deliverables Contribution Next steps AOB SWIM Common PKI and policies & procedures for establishing a Trust framework

Why this initiative? The local deployment of a Public Key Infrastructure (PKI) at a stakeholder is a well-established technical undertaking that can rely on proven technology and best practices. Even the basic processes and policies required to operate the PKI locally are a local issue in the first place. However to establish the required trust in the other parties on a European scale, a commonly agreed set of processes and policies is required especially with the aim to ensure the interoperability of digital certificates. SWIM Common PKI and policies & procedures for establishing a Trust framework

The SESAR Deployment Programme and 2017 CEF Transport Calls Project objectives to cover Family 5.1.4 Common PKI and Cyber Security Information to be exchanged and business impact if compromised Properties of information to be exchanged International data exchange (e.g. FAA) Trustworthiness on business level Identify business objectives Define trust models/structure supporting the identified business objectives Identify minimum requirements for the technical tools and how to use the tools Define content of certificates Develop overall architecture Match business objectives and policies with technical solutions Define legal and organizational framework Develop policies / standards / legal framework Define minimum cyber security objectives and requirements for Common PKI service(s) Define minimum cyber security objectives and requirements for PKI clients PKI implementation supported by cyber security defenses Develop guidance material to support SWIM Service Provider Develop guidance material to support SWIM Service Consumers Develop guidance material

SWIM Common PKI (Family 5.1.4) Common Bridge PKI

Description/Scope/Objective The project aims at developing and deploying a common framework for both integrating local PKI deployments in an interoperable manner as well as providing interoperable digital certificates to the users of SWIM. The resulting PKI and its associated trust framework, which will be part of the cyber security infrastructure of aviation systems, are required to sign, emit and maintain digital certificates and revocation lists as required in the family 5.1.4. The digital certificates will allow user authentication and encryption/decryption when and where needed in order to ensure that information can be securely transferred. All aviation Stakeholders (ANSPs, Airspace users, MIL, Airport, etc …) will benefit from the project. The scope of the project includes the definition and development of a dedicated common PKI and its associated trust framework for Europe, its integration and validation with some Stakeholders. It will ensure the interoperability of digital certificates within Europe and with other regions. The project also aims at preparing the development of the systems needed to operate a PKI and its associated trust framework in order to produce and manage digital certificates, e.g. Certification Authorities, validation services such as OCSP (Online Certificate Status Protocol) or CRL (Certificate Revocation List), user interfaces, systems supporting the Registration Authority and Policy Management Authority roles. These systems will be developed through procurement, for which the project will prepare the Call For Tenders (CFT). SWIM Common PKI and policies & procedures for establishing a Trust framework

Tasks for 5.1.4 (1/2) Develop the Trust Framework policies and procedures Define the Policy Management Authority (PMA) (Terms Of Reference (ToR), procedures) Develop/approve the initial Certificate Policy/Certification Practices Statement(s) Develop the Membership Agreement Ensure interoperability with others PKIs, e.g. US Federal Bridge Etc. Develop Common PKI specifications (for both development and operations) Develop high-level architecture Functional Technical Specifications (including certificates specs) Define the (SWIM) interfaces to the Common PKI Define Users interface Define validation interfaces (e.g. OCSP interface (Online Certificate Status Protocol), CRL interface (Certification Revocation List)) etc. SWIM Common PKI and policies & procedures for establishing a Trust framework

Tasks for 5.1.4 (2/2) Interface with SWIM Governance Project Interaction with SWIM governance project deliverables Prepare the material for the potential launch of a CFT (scope still to be defined) Develop the draft of technical and contractual specifications Prepare all necessary material for operations Develop guidance for SWIM service providers Develop guidance for SWIM service consumers Project Management SWIM Common PKI and policies & procedures for establishing a Trust framework

Technical content SWIM Common PKI and policies & procedures for establishing a Trust framework

Common PKI Designed for ATM and providing ATM specific services : Compliant with SWIM PKI requirements as set in SESAR 14.1.4-D44-002 (Families 5.1.4 & 5.2.3) Can be the response to ICAO/AFSG need for a European PKI ATM specific services: support to safety case, DSU Able to comply with US (FAA) PKI Recommended to have a fully dedicated PKI (producing and managing only those aviation certificates, not shared with other domains) Governance : Liaise with SWIM governance SWIM Common PKI and policies & procedures for establishing a Trust framework

Common PKI and Trust Framework Common PKI and Trust framework: … not only a PKI Means to ensure interoperability Policies and procedures to establish a Trust framework Cross-certification with at least US (FAA/FBCA) Dedicated Certification Authority platform Day-to-day operations by a contractor Aspects of Service Provision under governance liaising with SWIM governance: Policy Management Authority & Registration Authority Root Certification Authority “key” components Public Key Infrastructure for European ATM Stakeholders: ANSPs, AUs, AOs, … Digital security keys Identification & authentication Encryption if needed Common Bridge PKI

Common PKI & Trust Framework: Goals Enhances the security of ATM information. It ensures that the users of services are those who have been authorised. It ensures the identity of services providers. It ensures the identity of information senders. It ensures the identity of information receivers. Ensures the interoperability of the certificates and the secured exchanges of information Supports the secure cooperation amongst ATM Stakeholders in the framework of an increasing inter-connection of systems (e.g. AMHS, SWIM) by: Providing a unique service and reference for European ATM identity and authentication management; Providing a mutual and trustworthy recognition of security certificates with other ICAO regions. Facilitates and extends the access and use of identity & authentication services to those ATM Stakeholders not yet using such services. SWIM Common PKI and policies & procedures for establishing a Trust framework

Why is a Cybersecurity Trust Framework Needed Cyber-security can not be effectively developed at the lower levels, it needs to start at the top: Establishing these common and mutually agreed upon methods to protect the aviation community from its cybersecurity risk needs to be centrally established and manage. Managed aviation cybersecurity through a federated Framework to govern aviation community as a whole through that get integrated into The various workgroups and programs to ensure global interoperability reducing the overall burden and impacts to the community as a whole Provide a frame of established common governance documents e.g. business, technical, legal, privacy This project intends to develop a Trust framework related to Common Bridge PKI. SWIM Common PKI and policies & procedures for establishing a Trust framework

Specific objectives through the Cybersecurity Trust Framework SPECIFICATIONS DEVELOPMENT. Develops common specifications for secure collaboration and information exchange through federation across the aviation community. Establish common methods and solutions that align and enable global interoperability. The specifications fall into these categories: Secure information exchange Identity credentials/digital identities and attributes Federated identity Information assurance GLOBAL GOVERNANCE. Establishes policy and governance for the aviation community . Interoperable Identity Federation Trust Framework Common Operating Rules Legal Framework & Allocation of Liabilities Accreditation & Trustmark COMMON BRIDGE. Hosts a Common Bridge for Aviation only Membership that enables secure collaboration between all aviation Stakeholders. SWIM Common PKI and policies & procedures for establishing a Trust framework

Elements of Trust Framework for Common PKI Organization Membership Agreement Multilateral Trust & Operating Agreement Accreditation Certification & Audit Process Trust Framework Governance Body Operational Trust Framework Trust Framework Provider Identity Providers Common Bridge & Credential Exchange Operator Relying Parties Credential Service Providers Attribute Exchange Service Attribute Providers Service Agreement Trust Framework Organization Governance Certificate Policy Common Operating Rules Governance Trust Framework Criteria & Methodology for Cross-Certification Certificate Policy Certification Practice Statement Technical Specifications Membership/Participation Governance Documents Trust Framework Governance Documents Technical Documents

Cross-certification (1/2): Cross-certification (1/2): What collaboration WITHOUT a cross-certification bridge looks like CA 5 CA 1 CA 4 CA 2 CA 3 SWIM Common PKI and policies & procedures for establishing a Trust framework

Common Bridge (Trust Anchor) Cross-certification (2/2): What collaboration WITH a cross-certification bridge looks like Common Bridge (Trust Anchor) CA 1 CA 2 CA 3 CA 4 CA 5 SWIM Common PKI and policies & procedures for establishing a Trust framework

Common PKI/Bridge/Trust Anchor SWIM Common PKI and policies & procedures for establishing a Trust framework

Common PKI: ICAO/AFSG - AMHS SWIM Common PKI and policies & procedures for establishing a Trust framework

SWIM Common PKI and policies & procedures for establishing a Trust framework

Local Applications/users/systems Other Bridges/CAs (e.g. FAA, ICAO in the future) Common Bridge & Root Certification Authority PMA SWIM Governance RA Issuing CA-1 (e.g. Non Safety Critical, Special Case) Issuing CA-2 (e.g. Safety Critical) Issuing CA-3 (e.g. Reserve (Safety Critical)) Issuing CA-X … Root signing Others: Users/ apps/ systems Local RA Local RA Local RA Local Applications Local RA Local Applications Local RA Applications/users/systems Local CA Subscribers: States/ Stakeholders Local Applications EUROCONTROL Local Applications Local Applications Local Applications Local Applications/users/systems PMA: Policy Management Authority RA: Registration Authority

Deliverables See excel SWIM Common PKI and policies & procedures for establishing a Trust framework

Contribution (see RACI table) SWIM Common PKI and policies & procedures for establishing a Trust framework

THANK YOU patrick.mana@eurocontrol.int SWIM Common PKI and policies & procedures for establishing a Trust framework

enter your presentation title back-up slides enter your presentation title

X.509 Digital certificates Can be used for: External exchanges: SWIM and non-SWIM Interoperability : no more need for cross-certification Strong authentication Internal exchanges: Internal Machine to Machine exchanges Can replace a Stakeholder “own” PKI SWIM Common PKI and policies & procedures for establishing a Trust framework

Public Key Infrastructure SWIM Common PKI and policies & procedures for establishing a Trust framework

Cross-certification (1/2) SWIM Common PKI and policies & procedures for establishing a Trust framework

Cross-certification (2/2) SWIM Common PKI and policies & procedures for establishing a Trust framework

World wide PKI – ICAO trust bridge hierarchy … The dream SWIM Common PKI and policies & procedures for establishing a Trust framework

Trust relations in a federated trust model SWIM Common PKI and policies & procedures for establishing a Trust framework

World wide PKI - Regional CA's with Cross-certification … the reality to start with SWIM Common PKI and policies & procedures for establishing a Trust framework

Regional cross-certificate trust model SWIM Common PKI and policies & procedures for establishing a Trust framework