The Egyptian ESignature Law and Establishment of ITIDA

1
The Egyptian E-Signature Law and Establishment of
ITIDA
Dr. Sherif Hashem Dr. Sherif Hazem Information
Technology Industry Development Agency
2
Agenda

• Egypt ICT Outlook
• Egypts E-Signature Law
• Why Root CA? and how it works?
• ITIDA Responsibilities

3
Egypts ICT Outlook 2005http//www.mcit.gov.eg/

• Fixed Line Subscribers 9.7 Mil.
• Teledensity 13.8
• Mobile Subscribers 8.9 Mil.
• PCs 2.5 Mil.
• Pay Phone Cabins 55 K.
• ICT Clubs 1199 club
• Internet Users 4.3 Mil.
• Internet Bandwidth 2.4 Gbps
• Internet dialup access cost 22 cents/hour
• ADSL cost (256kbps) 26 /month
• ICT Companies 1,516
• ICT Work Force 34,455
• Professional Development Trainees 21,922
• Skills Development Trainees 108,000

4
Egypts E-Signature Law

• In April 2004, Egypt passed the Law 15 Regulating
  Electronic Signatures (The
  E-Signature Law)
• The E-Signature Law also established the
• E-Signature regulatory authority, officially
  known as the Information Technology Industry
  Development Agency (ITIDA)
• National E-Signature committee
• (Legal and technology experts)
• Government, private sector, and academia

5
Egypts E-Signature Law Towards a Paperless
Society

• Scope Commercial, Administrative, Civil Sectors
• The law follows international norms and trends
• Technology Neutrality
• Recognizes electronic/digital signatures and
  document
• Establishes a regulatory body for CAs
• Sets measures for recognizing foreign CAs
• Addresses security and privacy protection issues

6
Egypts E-Signature Executive Directives(May
2005)

• ITIDA is Egypts Root CA.
• Technical operational requirements for CAs to
  be licensed by ITIDA
• Technical requirements for qualified
  E-Signatures, including the use of PKI, digital
  certificates, and signature devices
• Guidelines for recognizing e-writing
  e-documents
• Licensing and audit procedures
• Requirements for recognition of foreign digital
  certificates.

7
Regulating E-Signature
Awareness and technical support
Licensing and auditing
Information Technology Industry Development
Agency (E-Signature regulator)
Request for digital certificates
Client Organizations
Certificate Authorities
Digital Certificates
8
The Egyptian Solution Strict Hierarchy

• The idea behind a strict hierarchy is that all
  trust originate from a common Root CA.
• The root CA is the trust anchor for all relying
  parties within that domain.
• Higher level CAs issue certificates to
  subordinate CAs
• A subordinate CA will have one superior, and only
  one.
• Strict hierarchies are appropriate for many
  enterprises, especially where policy controls are
  to be enforced in a top-down fashion.

9
Why ROOT CA?

• Offers an efficient solution for interoperability
  problems.
• Serves all end user as the last and most
  important security anchor, as it proofs or denies
  the validity of the certificates of commercial
  Trust Centers.
• Facilitates the mutual acceptance of E-Signatures
  between two countries considerably a cross
  certification between the two Root CA is
  sufficient.

10
(No Transcript)
11
How Root CA Works
Root CA
Self Signed
12
ITIDA Responsibilities

• Operates a Root-CA according to the highest
  security standards.
• Offers a continuous 24hx7d operation (based on
  the means of a 2nd hot-standby Trust Center),
• Personalizes the CA-and other service-chip cards
  for other Trust Centers,
• Operates an electronic directory service that
  includes the certificates of all accredited Trust
  Center.
• Stops operation of other Trust Centers (e.g. in
  case of suspicion of manipulation, not sufficient
  compulsory cover, security deficiencies),
• Executes cross-certification with CAs in other
  countries.

13
Thank You http//www.itida.gov.eg/ shashem_at_mcit.go
v.eg snoureldin_at_mcit.gov.eg