SAFE Public Key Infrastructure PKI - PowerPoint PPT Presentation

1 / 10
About This Presentation
Title:

SAFE Public Key Infrastructure PKI

Description:

SAFE & Bio-Pharmaceutical Community. CONCEPT. Trusted e-identity credentials ... PhRMA initiative. DEC 2003. Seed investment 12 bio-pharmaceuticals. JUN 2003 ... – PowerPoint PPT presentation

Number of Views:120
Avg rating:3.0/5.0
Slides: 11
Provided by: terry146
Category:

less

Transcript and Presenter's Notes

Title: SAFE Public Key Infrastructure PKI


1

SAFE Public Key Infrastructure (PKI)
Terry Zagar Chair, SAFE Operations Technology
Working Group April 21, 2005
2
Topics
  • SAFE Biopharmaceutical Community
  • SAFE Community Framework
  • Architecture Drivers
  • SAFE Architecture
  • Certificate/OCSP Structure
  • Building Understanding Conformance
  • Future SAFE Directions

3
SAFE Bio-Pharmaceutical Community
MAY 2003
SAFE ? strategic PhRMA initiative
  • CONCEPT
  • Trusted e-identity credentials
  • Closed contractual system
  • Accredited
  • Business focus
  • DRIVERS
  • Regulatory compliance
  • Business efficiency
  • Cost savings

DEC 2003
Seed investment ? 12 bio-pharmaceuticals
JUN 2003
SAFE Standard v1.0
DEC 2004
SAFE-Biopharma ? 8 bio-pharmaceutials
JUN 2005 planned
SAFE Bridge IOC SAFE Standard v2.0
4
SAFE Community Framework
  • Services
  • CA / RA / CSA
  • Credentials for Members
  • Identity Proofing

5
SAFE Architectural Drivers
  • High trust system
  • Pre-existing Member PKIs
  • Minimum of reinvention
  • Regulatory compliance
  • Move burden from user to infrastructure
  • Do not preclude other uses
  • What time is it in ?

6
SAFE Architecture
SAFE Issuer
Registration and Certificate Management Systems
SAFE Certificate
SAFE Certificate
Cross Certificates
OCSP Response
OCSP Request
OCSP
SAFE Cert.
Response
Subscriber
Authentication
SAFE- Biopharma
SAFE Bridge CA
Central Systems
End-User Systems
Machine Systems
OCSP
Request
Validation Request Response
Signing Validation Request Response
Signing Validation Request Response
OCSP Response
OCSP Request
SAFE Member
SAFE Enabled Applications
Details contained in associated
Details contained in SAFE CP
Technical Specification
7
Key SAFE Certificate OCSP Features
  • SAFE Subscriber Certificate
  • Issuer Subject Distinguished Name field
  • Subject Alternate Name extension
  • Key Usage extension
  • Authority Information Access extension
  • Certificate Policies extension
  • SAFE OCSP Request/Response
  • SAFE certificate validation must use OCSP
  • OCSP Responder must accept unsigned requests
  • Nonce required for digital signature validation
    purposes only

8
Building Understanding Interoperability
  • Participation
  • Member working groups
  • Member control mechanisms
  • Member tools
  • Issuers, Infrastructure providers, Application
    vendors, Integrators
  • Accreditation
  • Members
  • Issuers
  • Certification
  • Application vendors
  • Infrastructure providers
  • Integrators

9
Future SAFE Directions
  • Easing SAFE application enablement
  • API Specification between applications and
    certificate validation software/services
  • API Specification between applications and smart
    card/token middleware
  • Verifying SAFE application enablement
  • Designation of independent certification test
    labs
  • Supporting other uses for SAFE identity
  • SAFE specifications/guidance for authentication
    uses

10
Discussion
Write a Comment
User Comments (0)
About PowerShow.com