Presentation is loading. Please wait.

Presentation is loading. Please wait.

21 mai 2015 Bridges between Certification Authorities.

Published byAlfred Ray Modified over 9 years ago

Similar presentations

Presentation on theme: "21 mai 2015 Bridges between Certification Authorities."— Presentation transcript:

1 21 mai 2015 Bridges between Certification Authorities

2 Content 1.EU Services Directive 2.Interoperability of EU security infrastructures 3.Interoperability of electronic signatures 4.Conclusions 1.EU Services Directive 2.Interoperability of EU security infrastructures 3.Interoperability of electronic signatures 4.Conclusions

3 1.EU Services Directive

4 Directive 2006/123/EC By the end of 2009, service providers should be able to use, nationally and cross-borders, electronic procedures as set out in Art. 8 of the Services Directive. Main building blocks for the use of e-procedures: e-signatures e-identification and e-documents

5 Directive 2006/123/EC Steps to be followed to implement the e-procedures: Define interoperability framework between Certificate Service Providers from all the Member States Define common formats for the e-signatures Possible solutions for interoperability Bridge Certification Authorities Trusted Lists

6 2. Interoperability of EU security infrastructures

7 21 mai 2015 Bridge Certification Authorities PKIs evolve from organizational islands towards national and international wide networks interconnected via bridging entities. BCA’s provide cryptographic interoperability, policies harmonization and certificate status validation related services. There is not yet a standardized solution for building BCAs but there are already implementation at international and national level.

8 21 mai 2015 Bridge Certification Authorities Corporate/governmental PKIs may implement different architectures, security policies, and cryptographic suites. A flexible mechanism is needed to link corporate/governmental PKIs and translate their corporate relationship into the electronic world. BCA architecture was designed to address the shortcomings of the two basic PKI architectures, and to link PKIs that implement different architectures.

9 21 mai 2015 Bridge Certification Authorities

10 21 mai 2015 Establish trust relationships User trusts the CA that issued his certificate Trust relationship established hierarchically within the organizational PKI Trust relationship established using cross- certification between each Organizational PKI and Bridge User PKI 1 Org. PKI 1 Bridge CA Org. PKI 2 User PKI 2 Trusts

11 Trusted Lists “Trusted List”: term used to designate the Supervision/ Accreditation Status List of those services from QCSPs that are supervised/ accredited by a Member State's Supervisory Body that is in charge to establish, securely publish and maintain such a list in the context and requirements of the eSignature Directive (1999/93/EC).

12 Trusted Lists Trusted List aims to solve the validation problem of QES (Qualified Electronic Signatures) and AdES (Advanced Electronic Signatures) supported by QEC (Qualified Electronic Certificate) in a cross-border context: supports the interoperability and facilitates the cross- border use of e-signatures contains structured information needed for the validation of the electronic signature by the relying party complements the information available in the certificate of the signer and related chain of certification supporting a QES or an AdES supported by a QEC

13 3. Interoperability of electronic signatures

14 Interoperability of electronic signatures A reference format for AdES is needed to facilitate the cross-border use of QES Using XAdES (CAdES), signers may incorporate certain properties into the XMLSig (CMS) signature structure before computing the signature value and including them in its computation. Signers or other parties may request and incorporate a time-stamp on the signature, which provides a trusted upper boundary on the generation time. Using XAdES (CAdES), verifiers or third parties may incorporate properties encompassing the long-term lifecycle of the signature, which after their generation includes first verification, storage for several years, and auditing.

15 Interoperability of electronic signatures ETSI organizes XAdES/CAdES interoperability tests certSIGN the only Romanian company involved in the ETSI interoperability tests developed its own software for implementing XAdES/CAdES signature formats successfully passed the tests

16 4. Conclusions

17 Conclusions Solving interoperability issues is the keystone element of implementing pan-European services Governments, industry and independent organizations shall be involved certSIGN– reliable partner to implement interoperability projects based on: Previous experience in implementing operational Bridging Certification Authorities (Romanian National Defense System) Own developed software modules tested in ETSI interoperability tests Competencies in PKI and information security field

18 Contact Adrian Floarea Business Development Director certSIGN Phone: 004-021-311.9901 Fax: 004-021-311.9905 Mobil: 004-0726.678.375 e-mail: adrian.floarea@certsign.ro

Download ppt "21 mai 2015 Bridges between Certification Authorities."

Similar presentations

Universal Electronic Signatures Tarvi Martens ESTONIA.

Universal Electronic Signatures Tarvi Martens ESTONIA.
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.

AFACT eCOO WG interim meeting - Conference Call 1st March of 2011 Mahmood Zargar eCOO Experiences and Standards.
Practical Digital Signature Issues. Paving the way and new opportunities. www.oasis-open.org Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.

Practical Digital Signature Issues. Paving the way and new opportunities. Juan Carlos Cruellas – DSS-X co-chair Stefan Drees - DSS-X.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Telia Research AB György Endersz 2000-09-26 1 European Electronic Signature Standardisation Initiative EESSI Workshop Barcelona, 2000-09-26 György Endersz,

Telia Research AB György Endersz European Electronic Signature Standardisation Initiative EESSI Workshop Barcelona, György Endersz,
Telia Research AB György Endersz 2001-05-08 1 European Electronic Signature Standardisation Initiative EESSI Budapest Seminar at the Hungarian Communication.

Telia Research AB György Endersz European Electronic Signature Standardisation Initiative EESSI Budapest Seminar at the Hungarian Communication.
Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.

Policy interoperability in electronic signatures Andreas Mitrakas EESSI International event, Rome, 7 April 2003.
Copyright Judith Spencer 2002. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Judith Spencer This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Mountain View 25, 26 Sept 2007 The importance of incorporating XAdES extensions into ongoing XML-Sig work W3C Workshop on Next Steps for XML Signature.

Mountain View 25, 26 Sept 2007 The importance of incorporating XAdES extensions into ongoing XML-Sig work W3C Workshop on Next Steps for XML Signature.
Dematerialization of Organisations’ Key Business Processes Security and e-Invoicing ATHENEE PALACE HILTON, Bucuresti September 21 st 2004 Genovel Iovu.

Dematerialization of Organisations’ Key Business Processes Security and e-Invoicing ATHENEE PALACE HILTON, Bucuresti September 21 st 2004 Genovel Iovu.
S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.

S.1 Using a Global Validation Service to Unite Communities Jon Shamah EMEA Head of Sales, BBS eSecurity.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.

Summary of ETSI/ESI activities Andrea Caccia ETSI/ESI TB member Note: This document expresses only the views of its author.
Jaroslav Pinkava May 2001 Certification Authority in Praxis. Security Aspects. Conference Security and Protection of Information Ing. Jaroslav Pinkava,

Jaroslav Pinkava May 2001 Certification Authority in Praxis. Security Aspects. Conference Security and Protection of Information Ing. Jaroslav Pinkava,
© ETSI 2012 All rights reserved EUROPEAN UNION MANDATE/460 Kloster Banz 11.09.2013 Presented by Arno Fiedler, Member of European Telecommunications Standards.

© ETSI 2012 All rights reserved EUROPEAN UNION MANDATE/460 Kloster Banz Presented by Arno Fiedler, Member of European Telecommunications Standards.
2002 10 21 Implementation of Electronic Signature Law Kęstutis Andrijauskas Information Society Development Committee under the Government of the Republic.

Implementation of Electronic Signature Law Kęstutis Andrijauskas Information Society Development Committee under the Government of the Republic.
1 Bridge/Gateway CA Project Status Gzim OCAKOGLU European Commission – DG ENTR / IDABC Reykjavik – 27 May 2005.

1 Bridge/Gateway CA Project Status Gzim OCAKOGLU European Commission – DG ENTR / IDABC Reykjavik – 27 May 2005.
1 ESTIO 21/05/2015 Electronic Signature Testsuit for Inter-Operability A project supported by the EU ISIS programme.

1 ESTIO 21/05/2015 Electronic Signature Testsuit for Inter-Operability A project supported by the EU ISIS programme.

Similar presentations

Ads by Google