Securing Data in ePassports Policy Issues ICAO/NTWG.


John Davies Director of Systems, UK Passport Service Chairman NTWG PKI Task Force

The presentation will address:
– Why secure electronic data?
– Why use PKI/encryption?
– How a globally interoperable PKI could work for passports

Why secure electronic data?
– To ensure the electronic data was loaded by the appropriate passport issuing authority.
– To ensure the electronic data has not been overwritten or amended in any way.
– To protect against inappropriate access to data by unauthorised persons or organisations.

e-Passports will initially contain the following electronic data:
– Biometric information
  – Portrait data (mandatory)
  – Fingerprint and iris data (optional)
– Personal details from the passport biodata page (name, date of birth, passport number, etc.)

– e-Passport specifications will offer read-only access to the electronic data and will not initially offer any updating facility.
– This limitation will facilitate a simple form of security implementation in the first instance.

There is a tension between:
– Ensuring the electronic data is secure from inappropriate access
– Ensuring the electronic data can be accessed easily by immigration authorities.

The PKI scheme is based on open access but allows individual states to choose optional additional security methods to protect personal data.

Why use a public key infrastructure (PKI)?
– PKI is a well-established method of protecting and authenticating data held on computer chips.
– No other scheme offers equivalent security for chip technology.

Why use encryption?
– The proposals do not include encryption for basic personal data or the facial biometric.
– Encryption of fingerprint or iris data could be considered by states who choose to use these forms of biometric, but encryption specifications have not been developed.

The PKI scheme proposes:
– A peer-based environment with each state independent and autonomous with respect to passport security.
– An agreed means of sharing and updating public keys.

Responsibilities for states issuing e-passports:
– Generate key sets and protect from unauthorised access.
– Manage distribution of country signing certificates using bilateral secure diplomatic means.
– Manage certificate revocations when a key is compromised.
– Facilitate dissemination of information about public keys via ICAO public key directory.

The PKI specifications recognise many individual states already have a PKI infrastructure:
– RSA or DSA or elliptic curve and related hashing algorithms are included in the specifications.

PKI responsibilities for states reading e-Passports:
– Maintain up to date information about public keys and certificate revocations on their systems.
– Provide suitable reader infrastructures.
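The checks a reading state performs under the scheme on these slides can be sketched in code: open-access data is verified against the issuing state's keys and the reader's own revocation information. This is an added example, not part of the presentation or of the ICAO specifications. The Chip structure, the function names, the country code UTO and the fixed key seeds are assumptions made for illustration, and Ed25519 from Go's standard library stands in for the RSA, DSA and elliptic curve options the slides name.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Chip is a constructed stand-in for the read-only chip contents, not the real layout.
type Chip struct {
	Country         string
	Data            []byte            // open-access personal data and portrait
	SignerKey       ed25519.PublicKey // issuing authority's document signing key
	KeySig, DataSig []byte            // country key over SignerKey; signer key over Data
}

// Issue signs data with a signer key that the country signing key vouches for.
func Issue(country string, countryKey, signerKey ed25519.PrivateKey, data []byte) Chip {
	pub := signerKey.Public().(ed25519.PublicKey)
	return Chip{country, data, pub, ed25519.Sign(countryKey, pub), ed25519.Sign(signerKey, data)}
}

// Check is the reading state's side; countryKeys and revoked are what it must keep current.
func Check(c Chip, countryKeys map[string]ed25519.PublicKey, revoked map[string]bool) error {
	ck, known := countryKeys[c.Country]
	switch {
	case !known || len(c.SignerKey) != ed25519.PublicKeySize:
		return fmt.Errorf("no usable key on file for %q", c.Country)
	case !ed25519.Verify(ck, c.SignerKey, c.KeySig):
		return fmt.Errorf("signer key is not vouched for by the country key")
	case revoked[string(c.SignerKey)]:
		return fmt.Errorf("signer key has been revoked")
	case !ed25519.Verify(c.SignerKey, c.Data, c.DataSig):
		return fmt.Errorf("data altered or not signed by the issuer")
	}
	return nil
}

// Demo checks a genuine chip, an altered copy, then the genuine chip after revocation.
func Demo() (genuine, altered, afterRevocation error) {
	ck := ed25519.NewKeyFromSeed([]byte("demo-seed-country-signing-key-01")) // constructed seeds
	sk := ed25519.NewKeyFromSeed([]byte("demo-seed-document-signer-key-01")) // (32 bytes each)
	keys, revoked := map[string]ed25519.PublicKey{"UTO": ck.Public().(ed25519.PublicKey)}, map[string]bool{}
	chip := Issue("UTO", ck, sk, []byte("constructed biodata and portrait"))
	forged := Chip{chip.Country, []byte("swapped portrait"), chip.SignerKey, chip.KeySig, chip.DataSig}
	genuine, altered = Check(chip, keys, revoked), Check(forged, keys, revoked)
	revoked[string(chip.SignerKey)] = true // issuing state reports the key compromised
	return genuine, altered, Check(chip, keys, revoked)
}

func main() { fmt.Println(Demo()) }
```

The same chip passes before revocation and fails after it, which is why a reader working from stale revocation information would accept a document signed with a compromised key.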

ICAO Responsibilities:
– To provide an efficient and reliable public key directory
– Ensure the directory is only updated by member states.
– Provide open access to public key information to participating states and organisations.

The PKI Technical report:
– Aimed at specialists familiar with PKI.
– Proposes a technical framework and guidelines to enable each country to develop secure e-Passports.

The technical report includes an annex on PKI and security threats. This is intended to aid individual states with their own risk analysis and mitigation decisions.