Security Solutions based on Public Key Infrastructure PKI - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

Security Solutions based on Public Key Infrastructure PKI

Description:

Digital signature ( PKI) ... Digital Certificates ( PKI) ... Photo / printing. Issuance. Security model: ... – PowerPoint PPT presentation

Number of Views:280
Avg rating:3.0/5.0
Slides: 17
Provided by: elmarst
Category:

less

Transcript and Presenter's Notes

Title: Security Solutions based on Public Key Infrastructure PKI


1
Security Solutionsbased onPublic Key
Infrastructure (PKI)
  • Elmar Stoecker
  • Munich, Germany

2
Security Risks
3
Industry Situation
share of companies by perceived attacks during
18 months.
Neither SMEs nor larger enterprises face up to
the risks as they should do.
Source Silicon.de, 2001
4
Security Methods and Measurements
5
PKI Depends on the Customer
Public
Big Company
Medium
Small
Certified Trustcenter
Trustcenter, Corporate PKI
Corporate PKI, certificates for components
Certificates for components
PKI
ID Card, Biometrics
Corporate ID Card, multifunctional batch card
Corporate ID Card, multifunctional batch card
Secure Token
Token
eGovernment Virtual eServices
Secure Desktop Secure Access Secure
Email ePayment Virtual eServices Signed
Workflow eBilling
Secure Desktop Secure Access Secure
Email ePayment Virtual eServices Signed
Workflow eBilling Secure Infrastructure
Secure Desktop Secure Email Secure
Infrastructure
Application
6
Public Key Infrastructure (PKI)Overall
Architecture
7
Public Key Infrastructure
Public (Public Key A, B)
  • Trust Center
  • Key generation
  • Certificates for pair of keys
  • Key distribution Private Key to individual
    Public Key to Directory

Certificate X.509
Secret Key Certificate X.509
1. Authentication 2. Verification DigSig
Network
Secure Message/Digital Signature
Sender A
Receiver B
8
References Siemens Business Services
  • Trust center Siemens AG
  • Electronic Identity Card, Ministry of Interior
  • Military Card, Department of Defense
  • Electronic Identity Card, Macau
  • PKI, Bundesversicherungsanstalt, Berlin
  • PKI, Bundesagentur für Arbeit, Nürnberg
  • PKI, Ministry of Finance, Turkey

9
PKI ReferencesSiemens AG
The Challenge
  • Siemens AG 190 countries, 500 Sites 420.000
    Employees
  • Convincing all involved parties worldwide
  • Integration of a variety of different
    applications worldwide

Customer Benefits
The Solution
  • Secure PKI-services are worldwide available
  • Secure business processes throughout the
    company
  • Platform for further applications for the
    employees and business partner
  • End-to-end-secure processes on the highest
    security level
  • Central Trust Center Service automated
    operation
  • Decentralized smart card issuing resp.
    soft certificates
  • Smart Card contains contact less chip and
    magnetic stripe (migration strategy)
  • today 380,000 cards/certificates
    238.000 employees

10
International Rollout Siemens
  • 450.000 employees in more than 190 countries
    within more than 500 locations
  • One trust center central in Germany (Certified by
    British Standards Institution for BS7799-2)
  • More than 380.000 certificates for more than
    238.000 employees up to now
  • 18 LRAs up to now in Germany 2 Server RAs
  • 112 LRAs outside Germany in 46 countries
  • Rollout of the company ID card with Crypto chip
    still in progress
  • More than 90 organizational problem

Numbers as of July 2004
11
Backup Slides
12
PKI ReferencesItaly Carta dIdentita
Elettronica (CIE)
The Challenge
  • Protection against forging of official
    documents.
  • Secure public and e-business transactions
  • Enable e-government services
  • Enable business reengineering of public
    services

Customer Benefits
The Solution
  • National PKI infrastructure
  • Smart card-based ID-card
  • Hybrid card Chip and laser stripe for
    photography and fingerprint (20 Mbytes)
  • Platform for comprehensive new electronic
    public services
  • 3 Mio. cards today 40 Mio. 2007
  • Increased passive security protection
    against document forging
  • Increased active security secure
    identification of the citizens
  • Secure e-government applications
  • Basic for new public services and
    comprehensive reengineering of existing
    public processes.

13
PKI ReferencesItaly Department of Defence -
MilCard
The Challenge
  • Providing each soldier with a Smart Card
    (personnel and medical data)
  • Strong identification of the soldiers, secure
    access to medical data
  • To use the Smart Card for operating on the Army
    e-procurement portal

Customer Benefits
The Solution
  • Design and implementation of the Military Card
    and systems
  • Design and definition of Card Services
  • PKI system based on MS-products
  • LDAP infrastructure using SUN iPlanet products
  • Security policies definition
  • Identification and authentification /digital
    signature
  • Health applications
  • Smart Card life cycle under control of the Card
    Management System
  • Flexible centralized delivery procedure which
    allows to install new secure service

14
PKI ReferencesPoland Polish Social Insurance
System (ZUS)
The Challenge
  • To protect customers financial assets and
    personal data byAssuring that transactions are
    executed by authorized people only
  • Preventing against transaction repudiation
  • Storing proofs for transaction execution
  • Protecting the transferred data

Zaklad Ubezpieczen Spolecznych
Customer Benefits
  • Efficient management of many certificates
  • PKI-enabled applications that allow citizens to
    have a secure relationship via the Internet
  • Secure communication for the ZUS employees

The Solution
  • Implementation of a PKI system, smart card-based
    certificates and PKI-enabled applications

15
PKI References Macao Electronic Identity Card
(MEID)
16
Trust-Center der deutschen Rentenversicherung bei
der Bundesversicherungsanstalt für Angestellte
The Challenge
The Benefits
Situation
Solution
  • Aufbau eines Trust-Center für Zertifizierungsdiens
    te
  • Konformität zu SigG, SigV und ISIS-MTT
  • Wettbewerb gegen bereits akkreditierte
    Trust-Center
  • Reduzierung der Projektlaufzeiten und
    Verbesserung der Wirtschaftlichkeit der
    Anschlußprojekte durch Rückgriff auf
    praxisgehärtete Komponenten, Kompetenzen und
    Skills
  • Großes Potential für Marktdurchdringung und
    Markterweiterung (Security-Markt) durch bereits
    gewonnene Anschlußprojekte BA und BND
  • Potential für Folgeprojekte (z.B.
    Langzeitarchivierung, Verfahrensintegration)

Benefits
References
The Solution
  • Bündelung aller verfügbarer Konzernressourcen
    (SBS, ICN, FSC) und Einbindung strategischer
    Partner (u.a. secunet, D-Trust)
  • Lösungsdesign auf Basis der Komponenten (Nexus)
    eines bereits akkreditierten Trust-Centers
    (D-Trust)
  • Verprobung der angebotenen Lösung im
    eGovernment-Labor
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Security Solutions based on Public Key Infrastructure PKI" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!