Outsourcing Services of Key Certification Center - PowerPoint PPT Presentation

1 / 32
About This Presentation
Title:

Outsourcing Services of Key Certification Center

Description:

Saving of the material and time resources. High speed of the document processing ... EDS is equated to the autograph signature or company stamp on legal status ... – PowerPoint PPT presentation

Number of Views:65
Avg rating:3.0/5.0
Slides: 33
Provided by: crypt2
Category:

less

Transcript and Presenter's Notes

Title: Outsourcing Services of Key Certification Center


1
Outsourcing Services of Key Certification Center
KEY CERTIFICATION CENTER CRYPTOMACH
2
Advantages of Electronic Document Management (EDM)
  • Automation of the internal business processes
  • Saving of the material and time resources
  • High speed of the document processing and the
    decision making
  • Possibility of the real-time interaction with the
    remote employees and branches
  • Possibility of the documents control throughout
    all life cycle
  • Automation of the external mutual relations
  • Business-to-Business
  • Business-to-Customer
  • Business-to-Government

DSCA CRYPTOMACH
3
EDM Internal Processes
Business-to-Business
Business-to-Government
Government Institutions
Business-to-Customer
REPORTING
4
EDS Application in Electronic Document Management
ELECTRONIC DIGITAL SIGNATURE
Validation of electronic document
Confidentiality support by the transmission and
storage of documents
Functions of the involvement and nonrefusability
Control of the integrity and authenticity of the
electronic documents
Control of the signing (visaing) priority of the
electronic documents
Authentification of EDM system participants
Cryptoprotected system audit
5
EDS Application in Electronic Document Management
  • EDS is equated to the autograph signature or
    company stamp on legal status
  • Close out the possibility of uncontrolled
    modification of the signed document
  • Practical impossibility of a fake of EDS (in
    comparison with the usual signature or stamp)
  • Simplicity of creation and check of EDS
  • Possibility to automate the procedure of the
    digital signature check
  • Possibility of routed enciphering of documents
    for a certain communicant

DSCA CRYPTOMACH
6
EDS Application in Electronic Document Management
BRANCH
COMPANY
DEPARTMENT 1
DEPARTMENT 2
SERVER
INTERNET
ELECTRONIC ARCHIVE
CONTRACTOR
  • Internal electronic document management
  • Creation of electronic documents archives
  • Interaction with remote branches
  • Interaction with partners and clients
  • Reporting in the electronic form to
  • authorities (STI, PFU, USR)

AUTHORITIES
7
Normative Legal Base of EDS Application
  • Laws of Ukraine
  • About Electronic Documents and Electronic
    Document Management
  • ?851-IV dated 22.05.2003
  • About Electronic Digital Signature
  • ?852-IV dated 22.05.2003
  • Orders of the Cabinet of Ministers of Ukraine
  • About Approval of Procedure of Key Certification
    Centers Accreditation
  • ?903 dated 13.07.2004
  • About Approval of Regulation about Central
    Certifying Authority
  • ?1451 dated 28.10.2004
  • About Approval of Regulation of Electronic
    Digital Signature Application by Governmental
    Authorities, Local Government Authorities,
    Enterprises, Establishments and Organizations of
    State Form of Ownership
  • ?1452 dated 28.10.2004
  • About Approval of Typical Regulation of
    Realization of Electronic Document Management in
    the Bodies of Executive Power
  • ?1453 dated 28.10.2004

DSCA CRYPTOMACH
8
NATIONAL MANAGEMENT SYSTEMOF EDS PUBLIC KEYS
CENTRAL CERTIFYING AUTHORITY
CONTROLLING AUTHORITY
KCC
AKCC
AKCC
AKCC
AKCC
AKCC
APPLICANTS JURIDICAL AND INDIVIDUAL PERSONS
DSCA CRYPTOMACH
9
Advantages of Accredited KCC Services
Reporting in electronic form to the state
authorities
Usage of the enforced certificates makes EDS the
fully legitimate replacement of the personal
signature or stamp
Signing of contracts in electronic form
Usage of EDS in banks
DSCA CRYPTOMACH
10
Main Services of KCC Cryptomach

Full range of complex services connected with
EDS usage
  • Service of certificates blocking, renewal,
    recall on demand of the client
  • Providing of information about the certificate
    status
  • Creation of time tags
  • Possibility of certificates usage for creation of
    confidential communication channels
  • Providing of the certificated tools of EDS
    creation and check

DSCA CRYPTOMACH
11
  • Certificate of
  • Accreditation
  • Series ?? ?8 dated 25.11.2008

12
Advantages of KCC Cryptomach
  • KCC Cryptomach Feature ?
  • Providing of the active key carrier based on
    smart-cards to the customers
  • Providing of the additional software for
    operation with smart-cards

Smart cards made on the basis of special chips
are the most reliable key carriers for today.
DSCA CRYPTOMACH
13
Personified smart-card
  • Of support of corporate IT-system safety
  • Of social protection of company employees
  • Of social protection of citizens (pensioners and
    teenagers)
  • Of stimulation of loyalty of population target
    groups (for example, employees to the employer)

DSCA CRYPTOMACH
14
Mutual Pilot Project

Cryptomach Ltd. Key Certification Center
services Software-hardware tools of Information
cryptoprotection

KJSC Zembank Payment application NSMEP check

CJSC PC SOLDI Processing Center of Loyalty
System
DSCA CRYPTOMACH
15
System Structure
  • Plastic smart card with two interfaces
  • Infrastructure of acception and service of cards
  • Uniform centre of keys certification with remote
    points of registration
  • Processing centre SOLDI
  • Hardware-software complexes of cards personal
    usage

DSCA CRYPTOMACH
16
Card Functions
Identification of the card owner
Creation of the electronic digital signature
Creation of a confidential data line with a server
Payment tool (NSMEP "check")
Storage of the emergency medical information
Access control to the personal information
Contactless identity for systems of physical
access control (ACS)
Support of loyalty systems and the prepaid
services on contactless technology
17
Card Structure
Contact chip (Infineon SLE66C42P)
Contactless chip (NXP DESFire EV1 ) with
integrated antenna
Plastic with printed personal information on the
back side of a card
DSCA CRYPTOMACH
18
Conformance to Standards
ISO International Organization
for Standardization
Cards interfaces conform to the following
standards

Contact part ISO 7816 1-4

Contactless part ISO 14443A 1-4, ISO 7816-4

Plastic physical specifications ISO 7810 (ID-1)
DSCA CRYPTOMACH
19
Supported Cryptoalgorithms
  • Digital signature DSTU 4145-2002 with key length
    191 bit
  • Framing of a common session secret on the base
    of DSTU 4145-2002
  • Symmetric enciphering and message authentication
    code computation GOST 28147-89
  • Hashing function GOST 34.311-95
  • Authentification and traffic protection on the
    contactless interface Triple-DES

DSCA CRYPTOMACH
20
Identification of Card Owner
Contact chip of card stores
  • Registration number of the customer in the system
  • Surname, name, patronymic of the owner
  • Date of birth of the owner
  • Citizenship of Ukraine
  • Identification code of the owner
  • Date of card issue
  • Blood group and Rhesus factor of the owner

DSCA CRYPTOMACH
21
Emergency Medical Information
  • Medical information for emergency help is
    available to doctor 's reading after
    authentification on the SAM-module only
  • Upgrade of medical data is possible after mutual
    authentification with a server only
  • Mutual authentification is possible after
    PIN-code input only
  • Data are transmitted to card in ciphered mode

DSCA CRYPTOMACH
22
Access Control to Personal Information
  • Possibility of usage of a card as one of units of
    multifactor authentification for protection of
    local data of the user
  • Usage of one password for protection of many
    storages of the information
  • Restoring of the protected data at loss or damage
    of a card with usage of temporal restoring card

DSCA CRYPTOMACH
23
Payment Application
Usage order of NSMEP "check" application is
defined by National bank of Ukraine
  • Application allows the owner to get access to the
    card account in the bank-emitter after
    authentification on PIN-code
  • Cash withdrawal in cash dispenses and payments on
    payment terminals
  • Implementation of the salary project

DSCA CRYPTOMACH
24
Access Control System (ACS)
  • Realized on contactless technology
  • Card allows to realize multifactor
    authentification card PIN and/or biometrics
  • Authentification can be fulfilled by the reader
    completely
  • "Cloning" of ACS card is practically impossible
  • One card supports several ACS without mutual
    discredit

DSCA CRYPTOMACH
25
Loyalty Systems and Prepaid Services
Information about amount of services prepaid by
the client or stored "bonuses" in some system (On
card contactless part)
  • Level of card cryptoprotection allows to build
    completely off-line systems of cards receipt
  • One card supports about 28 various operators of
    services
  • Possibility of initialization of applications "in
    the field" or through the Internet by means of
    the contact chip

DSCA CRYPTOMACH
26
Smart Card Readers
  • Contact Readers
  • Desktop and inside versions
  • Versions with PIN-keyboard and fingerprint
    readers
  • Desktop Contactless Readers
  • Identification applications
  • Applications of loyalty and control of prepaid
    services
  • Readers for Access Control Systems
  • Card only
  • PIN-keyboard
  • biometric reader
  • Data Terminal Equipment
  • Required equipment with SAM-modules
  • Optional operation with two cards
  • Applications bank, health care, loyalty

DSCA CRYPTOMACH
27
Structure of KCC Cryptomach
  • Personaliser
  • Remote poits of registration
  • Call-centre
  • Centre of remote authentification
  • Subdividings of KCC Cryptomach Ltd. ensure
    continuous support of the client at all stages of
    mutual relations

DSCA CRYPTOMACH
28
Personaliser and Call-center
Technological capacity of our personaliser allow
to fulfill electrical and graphics
personification up to 40 thousand cards/months
  • Call-center ensures round-the-clock and
    operative support of clients of the company
    requirements accept for blocking of certificates,
    consultations about products and services

DSCA CRYPTOMACH
29
Center of Remote Authentification
  • Authentification of cards independet from
    presence of valid certificate of KCC
  • Creation of an authentic and confidential data
    link between the client, centre and services
    provider
  • Upgrade of medical data on a card (optional)
  • Data recovery protected by means of the lost card

DSCA CRYPTOMACH
30
Software
  • Each user receives a package of software
  • KCC client (performance of all main functions of
    operation with EDS and certificates)
  • Client of synchronisation with a medical server
  • Tool of cryptography protection of local storages
    of the information
  • Additional software, depending on a range of
    services on which he is signed
  • Upgrade software is available on web-site
    constantly

DSCA CRYPTOMACH
31
Other Company Activity
  • Development of ICP software
  • Development of ICP hardware
  • Development of complex information protection
    systems
  • Theoretical researches
  • Consulting services

DSCA CRYPTOMACH
32
Contacts
  • Cryptomach Ltd. (central office)
  • Akademika Proskury Str., 1
  • Kharkov, 61070, Ukraine
  • Tel. 380 (57) 315 44 70
  • E-mail mail_at_cryptomach.com
  • Web www.cryptomach.com
  • AKCC Cryptomach
  • Chernyshevskaya Str., 4
  • Kharkov, 61057, Ukraine
  • Tel. 380 (57) 766 33 77, 763 33 77
  • Fax 380 (57) 706 20 87
  • E-mail mail_at_my-pki.com
  • Web www.my-pki.com
Write a Comment
User Comments (0)
About PowerShow.com