Presentation is loading. Please wait.

Presentation is loading. Please wait.

QuoVadis Group Roman Brunner, Group CEO Update for EUGridPMA – May 12, 2009.

Published byAlexis Owen Modified over 8 years ago

Similar presentations

Presentation on theme: "QuoVadis Group Roman Brunner, Group CEO Update for EUGridPMA – May 12, 2009."— Presentation transcript:

1 QuoVadis Group Roman Brunner, Group CEO Update for EUGridPMA – May 12, 2009

2 QuoVadis Snapshot Founded 1999 as Commercial Certification Authority Offices in Switzerland, UK, Holland, Bermuda Organisations want to “use digital certificates” more than “run their own PKI” –Complexity of PKI policy and technology can distract from the actual business QuoVadis provides turnkey solutions surrounding digital certificates and digital signatures –Allow the customer to focus on their users and core systems/processes Critical mass to provide: –Specialised registration systems to improve user experience, compliance –Secure hosting and operations of the PKI –Support for arcane PKI issues –Audits and accreditations –Wide distribution of roots in OS and Browsers

3 Do It Yourself ? OIDs Operational policy and procedures Archiving Policy Approval Authority Implementation plan Operational CAs Root CA Directory structure Token management Smart card issuing Validation process Naming convention Regulatory compliance Renewal process OCSP Revocation process Registration process Legal liability CP & CPS Backup systems Firewalls Business continuity plan Security Policy and Procedures Support organisation Trust Model End-to-end test Operations test System test Training Support Training end-users Training Operations Audit Key Management Hardware management Concept of Operations

4 Service Overview Digital Certificates End User certificates, including Qualified and Advanced certificates, for various uses. Functional certificates, including ElDI-V/GeBüV, code signing, gateway, etc. SSL including the new Extended Validation SSL. Managed PKI Outsourced certification authorities (CA) that can be tailored to the particular needs of a client or community. Rapid-deployment Trust/Link registration authority (RA) web portals for easy issuance for both End User and SSL certificates. Signing Services Trusted time-stamping to reinforce data integrity and non-repudiation in the submission, storage/archive, or tracking of electronic records. Digital signing tools (both client and server side). Root Services Root CA hosting for organisations wishing to set up their own trust anchors. Root CA signing enhances the trust and recognition of customers’ in-house CAs. PKI policy, technologies, and integration into customer environments.

5 Root Distribution Browsers Microsoft Internet Explorer 5.0+ (including Maxthon and others) Mozilla Firefox 1.02+ (including Camino, Fennec, and Sea Monkey) Opera 9.26+ (including Opera Mini) Safari 1.0+ (including mobile Safari) Google Chrome Konqueror and K-Meleon Operating Systems Microsoft Windows XP+ Apple OS/X+ RIM Blackberry 4+ KDE Java (in progress) Email Clients Apple Mail.app Eudora Microsoft Entourage Microsoft Outlook Microsoft Outlook Express Mozilla Thunderbird Mozilla Sea Monkey RIM Blackberry Mail (part of Core Applications) Other Microsoft Office Open Office Wide array of OSS applications that use the Mozilla NSS libraries 3.9+ Adobe Acrobat (in progress)

6 Audits and Accreditations QuoVadis seeks accreditations in support of our client needs: –WebTrust for Certification Authorities –WebTrust for Extended Validation –Swiss Qualified Certification Services Provider –Netherlands Qualified Certification Services Provider –Bermuda Authorised Certification Services Provider –Currently obtaining PKI Overheid Accreditation in the Netherlands

7 QuoVadis Grid CA Custom GridCA built for SWITCH in compliance with EUGridPMA standards –Updates made to QuoVadis CP/CPS Evolved from QuoVadis relationship providing SSL to SWITCH institutions using Trust/Link SSL Available for other EUGrid members’ use: –Reduce PKI management burden –Simple interface for users –Chained to QuoVadis root for wider “trust” in end user software

8 EUGridPMA Accreditation EUGridPMA team has performed a detailed review and approval of: –The QuoVadis CP/CPS –The QuoVadis Grid Issuing CA, End User, Server and CRL certificate profiles The repository on the QuoVadis website (http://www.quovadisglobal.com/repository) contains the QuoVadis Grid Issuing CA certificate, the Grid CRL, and the QuoVadis Root Certificateshttp://www.quovadisglobal.com/repository Update to CP/CPS will be posted when CA goes into production QuoVadis are currently in progress with the TACAR application A big thanks to all the EUGridPMA reviewers for all their hard work, time, and input!

9 Certificate Types Grid End User certificates for authentication and secure e-mail Grid Server certificates for authentication and secure communication with Grid resources Grid members who wish to use the Grid CA would sign up as Participating Institutions/Registration Authorities –QuoVadis is working with SWITCH to document procedures for RAs Certificates will be issued and managed using our Trust/Link web applications: –Trust/Link For End Users –Trust/Link For SSL

10 Example: Trust/Link SSL Pre-vetted details allows immediate issuance of SSL –Templates for consistency Separation of institution “accounts” Delegated administration, ability to accommodate different approval regimes Single login for Subscribers to manage all their SSL Custom emails for lifecycle events Flexibility for certificate types, use of SANs, etc. QuoVadis can provide demonstrations for interested groups

11 Roman Brunner r.brunner@quovadisglobal.com +41 71 272 60 60

Download ppt "QuoVadis Group Roman Brunner, Group CEO Update for EUGridPMA – May 12, 2009."

Similar presentations

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.
1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.

1 WebTrust for Certification Authorities (CAs) Overview October 2011 WebTrust for Certification Authorities (CAs) Overview October 2011 Presentation based.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.

PKI in US Higher Education TAGPMA Meeting, March 2006 Rio De Janeiro, Brazil.
PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.

PKI Activities at Virginia January 2004 CSG Meeting Jim Jokl.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka

National Institute of Advanced Industrial Science and Technology Auditing, auditing template and experiences on being audited Yoshio Tanaka
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.

Identity Management and PKI Credentialing at UTHSC-H Bill Weems Academic Technology University of Texas Health Science Center at Houston.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.

1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.
Configuring Active Directory Certificate Services Lesson 13.

Configuring Active Directory Certificate Services Lesson 13.
Public Key Infrastructure from the Most Trusted Name in e-Security.

Public Key Infrastructure from the Most Trusted Name in e-Security.
Public Key Infrastructure Ammar Hasayen 2013. ….

Public Key Infrastructure Ammar Hasayen ….
1 Digital Credential for Higher Education John Gardiner 202-973-6618 August 11, 2004.

1 Digital Credential for Higher Education John Gardiner August 11, 2004.
IDA Security Experts Workshop Olivier LIBON Vice President – GlobalSign November 2000.

IDA Security Experts Workshop Olivier LIBON Vice President – GlobalSign November 2000.

Similar presentations

Ads by Google