KEYSTONE EUROPEAN CROSS DOMAIN PKI ARCHITECTURE Sokratis K. Katsikas Professor & Head Dept. of Information & Communication Systems University of the Aegean.

Slides:

Advertisements

Similar presentations

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG

Advertisements

PKI services in the Public Sector of the EU Member States Objectives and Methodology of the survey Prof. Sokratis K. Katsikas University of the Aegean,

Global e-security 1 GATEKEEPER CACR Connecticut 09 November 1999.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Secure Communication Architectures.

Effective Design of Trusted Information Systems Luděk Novák,

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Security Controls – What Works

COEN 351: E-Commerce Security Public Key Infrastructure Assessment and Accreditation.

Advanced Metering Infrastructure AMI Security Roadmap April 13, 2007.

The HITCH project: Cooperation between EuroRec and IHE Pascal Coorevits EuroRec 2010 Annual Conference June 18 th 2010.

Troy Hutchison Service Oriented Architecture (SOA) Security.

Applying the ISO RM-ODP Standard in e-Government B. Meneklis 1, A. Kaliontzoglou 2,3, D. Polemi 1, C. Douligeris 1 1 University of Piraeus, Department.

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School

PROTECTION OF NATO INFORMATION AND NATO CIS Col

Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.

Deploying a Certification Authority for Networks Security Prof. Dr. VICTOR-VALERIU PATRICIU Cdor.Prof. Dr. AUREL SERB Computer Engineering Department Military.

Vilnius, October 21st, 2002 © eEurope SmartCards Securing a Telework Infrastructure: Smart.IS - Objectives and Deliverables Dr. Lutz Martiny Co-Chairman,

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

SEC835 Database and Web application security Information Security Architecture.

Don Von Dollen Senior Program Manager, Data Integration & Communications Grid Interop December 4, 2012 A Utility Standards and Technology Adoption Framework.

The need for further standards and technical developments Brian Moore ITU-T Study Group 13 Chairman Lucent Technologies.

Cryptography and Network Security

Eng. Wafaa Kanakri Second Semester 1435 CRYPTOGRAPHY & NETWORK SECURITY Chapter 1:Introduction Eng. Wafaa Kanakri UMM AL-QURA UNIVERSITY

Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy Authors: C. Lambrinoudakis,

Frankfurt (Germany), 6-9 June 2011 IT COMPLIANCE IN SMART GRIDS Martin Schaefer – Sweden – Session 6 – 0210.

Towards a European network for digital preservation Ideas for a proposal Mariella Guercio, University of Urbino.

1 Common Criteria Ravi Sandhu Edited by Duminda Wijesekera.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Overview of IHE IT Infrastructure Patient Synchronized Applications.

SWIM-SUIT Information Models & Services

DICOM and ISO/TC215 Hidenori Shinoda Charles Parisot.

Security Overview  System protection requirements areas  Types of information protection  Information Architecture dimensions  Public Key Infrastructure.

Web Services Standards. Introduction A web service is a type of component that is available on the web and can be incorporated in applications or used.

Engineering Essential Characteristics Security Engineering Process Overview.

Supporting further and higher education The Akenti Authorisation System Alan Robiette, JISC Development Group.

Massachusetts Open Standards Policy Claudia Boldman Director of Policy and Architecture Information Technology Division, MA.

EuroRec Seal 2010 Dr. J. Devlies, ProRecSarajevo, August 31th 2009 The EuroRec Seal 2010 Dr. Jos Devlies, EuroRec Sarajevo, August 31 st 2009.

The research leading to these results has received funding from the European Community's Seventh Framework Programme (FP7/ ) under grant agreement.

Creating a European entity Management Architecture for eGovernment CUB - corvinus.hu Id Réka Vas

Work Group / Work Item Proposal Slide 1 © 2012 oneM2M Partners oneM2M-TP oneM2M_Work_Group_Work_Item_Proposal Group name: Technical Plenary Source:

Manish Mehta, CS 590L Authentication Services in Open Grid Services by Manish Mehta April 27, 2004.

Connect. Communicate. Collaborate The authN and authR infrastructure of perfSONAR MDM Ann Arbor, MI, September 2008.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

 Copyright 2005 Digital Enterprise Research Institute. All rights reserved. Tomas Vitvar SemanticGov 3 rd Planetary.

Public Works and Government Services Canada Travaux publics et Services gouvernementaux Canada Brenda Watkins Director Policy and Business Strategies Information.

Features Governmental organization Critically important ICT objects Distributed infrastructure Three levels of confidentiality Dozens of subsidiary organizations.

Sept 13-15, 2004IHE Interoperability Workshop 1 Integrating the Healthcare Enterprise Patient Identifier Cross-referencing Charles PARISOT GE Healthcare.

1 reTHINK Deliverables, How To Read reThink deliverables quick starter.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Control and Security Frameworks Chapter Three Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.

Chapter 21: Evaluating Systems Dr. Wayne Summers Department of Computer Science Columbus State University

Presented by: Sonali Pagade Nibha Dhagat paper1.pdf.

The NIST Special Publications for Security Management By: Waylon Coulter.

1 Dr. Spyros Papastergiou, University of Piraeus (Greece)–Dept. of Informatics M. Zaharias Singular Logic (Greece) CYSM Risk Assessment Methodology.

eHealth Standards and Profiles in Action for Europe and Beyond

SWIM Common PKI and policies & procedures for establishing a Trust Framework Kick-off meeting Patrick MANA Project lead 29 November.

PLUG-N-HARVEST ID: H2020-EU

AMI Security Roadmap April 13, 2007.

Group Meeting Ming Hong Tsai Date :

Prof. Sokratis K. Katsikas University of the Aegean, Greece

SCOOP4C: Societal Vision for Once Only Principle for Citizens

HIPAA Compliance Services CTG HealthCare Solutions, Inc.

WS Standards – WS-* Specifications

Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham

Presentation transcript:

KEYSTONE EUROPEAN CROSS DOMAIN PKI ARCHITECTURE Sokratis K. Katsikas Professor & Head Dept. of Information & Communication Systems University of the Aegean

6/5/1998 K E Y S T O N E 2 Project Participants u EXPERTNET S.A. (Greece) –University of the Aegean (Greece) u IGNIS Technologies Ltd. (Ireland)

6/5/1998 K E Y S T O N E 3 Project objective robust, scaleable, based on standards, extensible, flexible and useful across application domains and national and administrative boundaries. u The main aim of KEYSTONE is to specify a logical PKI architecture which is robust, scaleable, based on standards, extensible, flexible and useful across application domains and national and administrative boundaries.

6/5/1998 K E Y S T O N E 4 Technical Approach ACTS INFOSEC ARCHITECTURE METHODOLOGIES USER REQUIREMENTS TTP SERVICES & INFRASTRUCTURES FUNCTIONAL SPECS REFERENCE MODEL FUNCTIONAL ARCHITECTURE TECHNOLOGIES TECHNOLOGY EVALUATION STANDARDSBUSINESS MODEL MANAGEMENT ARCHITECTURE TECHNOLOGY PROFILES

6/5/1998 K E Y S T O N E 5 WP1: D 1.1 & D 1.2 INFOSEC projects – The Nilson Marinade review report – S2101 project – THIS & TrustHealth-ETS in healthcare – TESTFIT in freight – BOLERO in shipping – Ebridge in distributed business services – EAGLE in several commercial activities ACTS projects – ABS – GAIA – MULTIMEDIATOR – OSM Overview of related INFOSEC and ACTS projects

6/5/1998 K E Y S T O N E 6 TTP User Requirements Report: INFOSEC and ACTS Projects Review D 1.1 TTP User Requirements Report: INFOSEC and ACTS Projects Review u Issues studied: –Main objectives and description. –Technical overview. –How common threats are dealt with. –Organizational, legal and regulatory issues. –Achievements and expected impact. u Result: –Correlation of each project’s results and cross domain statement of the tools and services needed by TTP users.

6/5/1998 K E Y S T O N E 7 Conclusions of the user requirements capture process Minimal set of security services: – authentication of users – integrity of messages – privacy and confidentiality of messages – non-repudiation of message origin and destination – availability of services – ease of use Additional services: – anonymity of participants – uniqueness of documents – protection from abuse of any participant by another Key escrow: Addressed only by EAGLE.

6/5/1998 K E Y S T O N E 8 TTP services: INFOSEC Projects Review D 1.2 TTP services: INFOSEC Projects Review u Issues studied: –Trust model. –Certification infrastructure. –Functions and services for supporting the certification process.

6/5/1998 K E Y S T O N E 9 Conclusions of Deliverable 1.2 u An overview of TTP infrastructures. u An overview of TTP services: –Primary services (e.g. certificate and key management). –Secondary services (e.g. audit and underwriting). –Value added services (e.g. to key generation/management ). –Services of strategic/organisational impact (e.g. TTP interoperation services).

6/5/1998 K E Y S T O N E 10 D1.3 Architecture Specification Guidelines Issues Studied u Review of the architecture techniques in the projects –ABS –GAIA –MULTIMEDIATOR –OSM u Architecture specification guidelines for Keystone

6/5/1998 K E Y S T O N E 11 D1.3 Results: Architecture Guidelines u Maximal compatibility & extensibility u Maximal re-use of existing solutions u Orientation towards parallel processing u RM-ODP elements in the ETS Reference Model u GAIA approach as the basis for the TTP Functional Architecture u Attention to TINA and OMA as service frameworks

6/5/1998 K E Y S T O N E 12 Current work u The focus is on the services of the TTPs and the PKI: –Services link user requirements and PKI functions. –Example scenarios in which services are used. –Services examples: registration, certificate management, key management, etc.

6/5/1998 K E Y S T O N E 13 Next steps... u Coming deliverables focus on: –Functional specification. –Reference model. –Functional architecture. –Environmental aspects. –Technology evaluation. –Integration.