Egypt s E-Signature & PKInfrastructure
|
|
- Milo Potter
- 8 years ago
- Views:
Transcription
1 EGYPT-MCIT ITIDA Egypt s E-Signature & PKInfrastructure Seminar on Electronic Signature Algeria 8-9 Dec By: Hisham Mohamed Abdel Wahab Head of the E-Signature CA Licensing ITIDA- MCIT EGYPT hwahab@mcit.gov.eg
2 Agenda Egypt s PKI Model Operational requirements for CSPs in Egypt Applying ISO as Main CSP requirements CSPs Auditing Procedures
3 Background : ITIDA Established in 2004 by law 15, financially supported by IT co s. E-Signature regulator, promoter, and root CA. IPR protector for software and databases (Copy Right Office). Empowers IT companies. Recognizes best practices in E-Content development. Launches E-business initiatives, especially for SMEs Supports R&D.
4 Background : E-Signature mile stones E-Signature Law issued Executive directives of the law issued in CSP (e-signature certificate service providers) are licensed by ITIDA in 2006 Therefore the Root CA & Gov CA tendered in 2006 Root CA started work in Sep st CSP got the official permission to work from ITIDA in Oct. 2009
5 Background: Getting the experience Germany Ireland Singapore South Korea Malaysia Hong Kong
6 PKI Model in Egypt.(1/2) ITIDA Licensing Root CA CSP CSP CSP CSP GOV. CA Public Use Gov. employees For public & interaction gov applications For Internal use only
7 PKI Model in Egypt.(2/2) Regulating E-Signature Information Technology Industry Development Agency (E-Signature regulator) Request for digital certificates Certificate Authorities CSP Digital Certificates Client Organizations
8 PKI Model in Egypt: Licensing section...(1/2) Managing the application process for CSPs in Egypt. Implement the criteria for licensing CSPs. Auditing the licensed CSPs. Tracking the Technology to guarantee having the most secure e-signature technology.
9 PKI Model in Egypt: Licensing Section...(2/2) Licensing Requirements Licensing Auditing Awareness Customer services
10 PKI Model in Egypt : Root CA...(1/2) Operates a Root-CA according to the highest security standards. Offers a continuous 24hx7d operation Personalizes the CA-and other service-chip cards for other CSPs, Operates an electronic directory service that includes the certificates of all licensed CSPs. Achieves the interoperability among CSPs and other countries. Handling the CRLs and E-Signature data of clients in case of licensed CSPs failure
11 PKI Model in Egypt : Root CA...(2/2) How works? Self Signed Root CA Root CA Certificate Info Root CA's Private Key Root Signature Sub CA Subordinate CA Certificate Info Root CA's Private Key Root Signature Subscriber Certificate Info Subordinate CA's Private Key SubCA's Signature Text Document Subscriber's Private Key Subscriber's Signature
12 PKI Model in Egypt : Licensed Public CSPs (4) Must be under the Root CA. Provide Gov. and public certificate services, including SSCD. Working as RAs (Registration Authorities). Must full fill with ITIDA requirements. Use the most recognized world wide standards for PKI (2048/4096 Keys- RSA etc). 12
13 PKI Model in Egypt : Licensed Gov CA (1 CA) Issue certificates to Gov. employees only for internal gov use only & SSCD. Provide Gov. certificate services. Under ITIDA Root CA. Working as RAs (Registration Authorities) for Gov. employees. Must full fill ITIDA requirements. Use Specific type of encryption standards. 13
14 PKI Model in Egypt : Strategic Decisions...(1/5) The E-Signature Definition in Egyptian market. 1- Only one type of e-signature is considered in front of court 2- Another types, transactions and e-documents are considered just e-document or e- writing 3- Using third level smart card / token as SSCD is must. 4- Physical identification is must. Why?? Avoid conflict, because if one type of e-signature is compromised then the market will think that strong types are compromised too! Strengthen the working environment
15 PKI Model in Egypt : Strategic Decisions...(1/5) IS E-Signature Digital Certificate Signer Private Key Signer Public Key ALG Syria Dec. July Pin Code +Secure pin entry
16 PKI Model in Egypt : Strategic Decisions...(1/5) E-Signature specification Smart Cards are able to store private e-signature keys for a card holder without delivering the key to the outside world. Therefore the calculation of the signature algorithm as well as its storage is performed in a highly secure environment inside a smart card. Thus, it is required to have smart cards (Reader / Readerless / contactless) which use the most advanced security standard available in the market. -Secure PIN code entry -Complete separation between E-Signature application and any other applications. Security evaluation ITSEC E4 Or NIST FIPS PUB Level 2 or higher X.509v3 certificates ISO 7816 Cryptographic algorithms must include RSA, SHA-1 Microsoft PC/SC Recommended : PKCS #11 (interface) Recommended: CAPI Microsoft Cryptographic Recommended : PKCS #15 (syntax standard) ALG Syria KSA Dec. July Dec
17 PKI Model in Egypt : Strategic Decisions...(2/5) Gov CA will use its own encryption technique and provide only services for use in internal gov transactions 1- Executive directive mentioned that gov CA could use it own encryption. 2- The services provided by gov CA for use only in internal gov transaction 3- If end user needs e-signature service to be used between gov and private then he must get it from Public CSP 4- Physical identification is must. Why?? To secure the sensitive transactions. To encourage the private investment according to the national strategy.
18 PKI Model in Egypt : Strategic Decisions...(3/5) ITIDA will run the Root CA 1- ITIDA will be the only body who is running Root CA for PKI in Egypt. 2- The main and backup site of Root CA is responsibility of ITIDA 3- The Root CA will be audited internally by ITIDA auditors, externally by ISO auditors, and other gov entities Why?? Ensure interoperable environment trust originate from a common Root CA (strict hierarchy model) A subordinate CA will have one superior, and only one Strict hierarchies are appropriate for many enterprises, especially where policy controls are to be enforced in a top-down fashion.
19 PKI Model in Egypt : Strategic Decisions...(4/5) Facilitating the financial requirements for licensing 1- The Licensee will pay only 0.5 M EGP instead of 1.5 M EGP EGP as auditing expenses will be paid after 2 years of operation. 3- The payments will be annually instead of quarterly. 4-3% of the revenue will be paid at the end of 2 nd year instead of 1 st year. Why?? Based on companies suggestions and market studies To encourage this new industry
20 PKI Model in Egypt : Strategic Decisions...(5/5) Leaving the pricing model to the market forces 1- Licensed companies are free to put the price model according to their business model. 2- ITIDA must approve the price list or any modifications prior to publish. 3- ITIDA is responsible for control the pricing competition. Why?? Based on most companies suggestions. Comply with the current Egyptian market.
21 PKI Model in Egypt : E-Signature, when comes to apply!...(1/4) Applying for the service 1- Physical Identification (applicant must show himself up). 2- Delivering the service : Token/smart card CD - installed keys plus certificate. 3- Help desk and customer support (CSP ITIDA). 4- Providing applications (compatible with ITIDA & CSP requirements). 5- Using the e-signature with applications provided by Gov or CSPs or compatible applications provided by another vendors. 6- Renewing / Update the service, or Change the provider / Terminating the service.
22 PKI Model in Egypt : E-Signature, When comes to apply!...(2/4) Auditing the service 1- Surveillance and licensing audit by ITIDA. 2-Regular audit by ITIDA. 3- Receiving the complaints and providing support in case of disputes. 4-Setting up the compliance conditions (applications & operational). 5- Renewing / Extending / terminating the license.
23 PKI Model in Egypt : E-Signature, when comes to apply...(3/4) Proposed Market Applications 1- E-Government (All applications who needs physical existence of the users). 2- E-Tax 3- E-Money (money orders will be collected electronically). 4- E-Banking applications. 5- Stock market. 6- Mobile applications. 7-E-Commerce/Payment. 8- E-education. 9- E-Civil applications. 10- E-Archiving (time stamp is must). 11-E-Contracting. 12-Installed on National ID.
24 PKI Model in Egypt : E-Signature, when comes to apply...(4/4) Type of certificates Provided by the CSP - E-Signature Certificates (Regulated) for persons and organizations. -SSL. -Code signing certificates.
25 Current Situation For E-Signature Certificate Service Providers KSA ALG Syria Dec. July
26 PKI Model in Egypt : Current Status...(1/2) 4 Licensed companies as CSP (E-Signature Certificates Service Provider). 1 Company finished its infrastructure and is audited, started work in Egyptian market in 1 Oct (more than 2000 hours auditing time, team of 13 experts) The Root CA is established in Sep The Ministry of finance got the license to provide E-Signature Service to gov. employees for internal transactions only.
27 PKI Model in Egypt : Current Status...(2/2) 4 Licensed Companies + GOV CA 1-ACT 2-MCDR 3-EgyptTrust 4-SNS KSA ALG Syria Dec. July
28 Agenda Egypt s PKI Model Licensing requirements for CSPs in Egypt Applying ISO as Main CSP requirements CSPs Auditing Procedures
29 Licensing Requirements:...(1) The detailed requirements are listed in License Form at: (Arabic Language ) - More than 60 Page. - More than 250 item to be satisfied before getting the license - Categorized to financial, operational, technical and administrative. - References: The Law 15, Its Directive, NTRA license, ETSI TS
30 Licensing Requirements:...(2) License Sections Operational Financial Technical Legal
31 Licensing Requirements:...(3) Financial Requirements Insurance of $ 1.5 Million Licensing fee $ 85,000 for 5 years Insurance per certificate $ 200 3% of revenue of licensed services 31
32 Licensing Requirements:...(4) Technical Requirements Complete PKI infrastructure. Disaster Recovery site. ISO for Info. Security. PKIX (PKI Based on X.509). Encryption Keys with length Using Smart Cards as E-Signature creation device (SSCD). 32
33 Licensing Requirements:...(5) (Arabic Language )
34 Agenda Egypt s PKI Model Operational requirements for CSPs in Egypt Applying ISO as Main CSP requirements CSPs Auditing Procedures
35 Why Implement an ISMS System? KSA Syria Dec July
36 Main Requirement ISO27001: Information is an asset...(1/2) Information is an asset, which, like other important business assets, has value to an organization and consequently needs to be suitably protected. Information security protects information from a wide range of threats in order to ensure business continuity, minimize business damage and maximize return on investments and business opportunities. Quote ISO/IEC (E)
37 Main Requirement ISO27001: Information is an asset...(2/2) Stored on Computers Transmitted Printed Data Written Fax Microfilm Spoken
38 Main Requirement ISO27001: will satisfy... PROTECTION OF INFORMATION FOR: CONFIDENTIALITY Protecting sensitive information from unauthorised disclosure or intelligible interception INTEGRITY Safeguarding the accuracy and completeness of information and computer software AVAILABILITY Ensuring that information and vital services are available to users when required
39 Main Requirement ISO27001: Importance for PKI...(1/2) تخريبSABOTAGE MISUSE OF DATA خداع FRAUD VANDALISMتدمير تجسس ESPIONAGE خطأ ERROR NATURAL DISASTER ALG 8-9 Dec. 2009
40 Main Requirement ISO27001: Importance for PKI...(2/2) ISO27001 is providing complete security management system. Through:- Logical security Application security Physical & environmental security Network Security Personal Security. Need for dual control through third party audit. ISO2001 is complete ISMS, merges between business and technology. ISO27001 needs continual improvements. ALG 8-9 Dec. 2009
41 Accreditation and Certification for ISO 27001
42 Accreditation & Certification Everything you wanted to know EA about European accreditation.(in 30 seconds) Conformance at a European Level Accreditation Forum EA 7/02 Accredited by a State Organisation National Accreditation Board National Accreditation Board ISO Guide 66 EA Certified by a Certification Body European Certification Body ISO Company Company 2 Company 3 Wishes to be certified to national or international standards
43 Phase 1 : Pre-Audit Study Phase 2 : On Site Audit Certified Information Security Management System The Certification Process Information Security Management System Certification to ISO ISMS Standard ALG KSA Dec. Dec
44 Agenda Egypt s PKI Model Operational requirements for CSPs in Egypt Applying ISO as Main CSP requirements CSPs Auditing Process
45 CSPs Auditing Process
46 CSPs Auditing Process Initiating (planning ) the audit Preparation phase Conducting Documentation review Preparing for Audit activities Conducting audit activities Preparing, approving & distributing the audit report Post Audit Phase Conducting audit follow up
47 CSPs Auditing Process Initiating (planning ) the audit Conducting Documentation review Preparing for Audit activities Conducting audit activities Scope, Objective, Criteria Determine feasibility & select audit team Write an audit plan Preparing, approving & distributing the audit report Contact the auditee Conducting audit follow up
48 CSPs Auditing Process Initiating (planning ) the audit Conducting Documentation review Preparing for Audit activities Conducting audit activities Request relevant documents Preparing, approving & distributing the audit report Conducting audit follow up Review prior to arriving on-site Review the previous audit report if any
49 CSPs Auditing Process Initiating (planning ) the audit Conducting Documentation review Preparing for Audit activities Conducting audit activities Finalize audit plan Preparing, approving & distributing the audit report Prepare work documents Assign audit team Conducting audit follow up
50 CSPs Auditing Process Initiating (planning ) the audit Conducting Documentation review Preparing for Audit activities Conducting audit activities Opening Meeting Preparing, approving & distributing the audit report Communication during the audit Conducting audit follow up Collecting objective evidences Closing meeting
51 CSPs Auditing Process Initiating (planning ) the audit Conducting Documentation review Preparing for Audit activities Conducting audit activities Preparing, approving & distributing the audit report Distribute it to the appropriate persons Conducting audit follow up Mention positive & negatives
52 CSPs Auditing Process Initiating (planning ) the audit Conducting Documentation review Preparing for Audit activities Conducting audit activities Preparing, approving & distributing the audit report Conducting audit follow up
53 Thank you very much
54 54
55 Cyberlaws & ICT-related Laws & Regulations A comprehensive IPR Law (Law No. 82/2002) A comprehensive Communications Act (Law No. 10/2003) An E-Signature law ( Law No. 15/2004) Children Protection Law (2008) Drafts: A Data Protection, Privacy, and Cyber Security law A Cyber Crime law Access to Information Law 55
Egyptian Best Practices Securing E-Services
Egyptian Best Practices Securing E-Services Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA Agenda Security Measures for E-Services Examples of E- Services Threats
More informationAl-Wakaye Al-Mesreya / Government Bulletin - Issue No. 115 (Supplement) Dated 25 May 2005
Al-Wakaye Al-Mesreya / Government Bulletin - Issue No. 115 (Supplement) Dated 25 May 2005 Ministry of Communications And Information Technology Decree No. 109 Of The Year 2005 Dated 15/5/2005 Issuing The
More informationLand Registry. Version 4.0 10/09/2009. Certificate Policy
Land Registry Version 4.0 10/09/2009 Certificate Policy Contents 1 Background 5 2 Scope 6 3 References 6 4 Definitions 7 5 General approach policy and contract responsibilities 9 5.1 Background 9 5.2
More informationINDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456. Aristotle University of Thessaloniki PKI (www.pki.auth.gr) WHOM IT MAY CONCERN
Title INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456 Customer Aristotle University of Thessaloniki PKI (www.pki.auth.gr) To WHOM IT MAY CONCERN Date 18 March 2011 Independent Audit
More informationOFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES
OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES Table of contents 1.0 SOFTWARE 1 2.0 HARDWARE 2 3.0 TECHNICAL COMPONENTS 2 3.1 KEY MANAGEMENT
More informationDanske Bank Group Certificate Policy
Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...
More informationSSLPost Electronic Document Signing
SSLPost Electronic Document Signing Overview What is a Qualifying Advanced Electronic Signature (QAES)? A Qualifying Advanced Electronic Signature, is a specific type of digital electronic signature, that
More informationApple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
More informationStudy on Mutual Recognition of esignatures: update of Country Profiles Icelandic country profile
Study on Mutual Recognition of esignatures: update of Country Profiles Icelandic country profile This report / paper was prepared for the IDABC programme by: Coordinated by: Hans Graux (time.lex), Brigitte
More informationCA Self-Governance: CA / Browser Forum Guidelines and Other Industry Developments. Ben Wilson, Chair, CA / Browser Forum
CA Self-Governance: CA / Browser Forum Guidelines and Other Industry Developments Ben Wilson, Chair, CA / Browser Forum Chronology of Frameworks 1995-1996 PKIX chartered, BS 7799 published, EU Recommendation
More informationNeutralus Certification Practices Statement
Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX...1 1.0 INTRODUCTION...3 1.1 Overview...3 1.2 Policy Identification...3 1.3 Community & Applicability...3 1.4 Contact Details...3
More informationX.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities
X.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities Version 5.1 May 2014 Notice to all parties seeking to rely Reliance
More informationCERTIFICATION PRACTICE STATEMENT UPDATE
CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.
More informationTrustKey Tool User Manual
TrustKey Tool User Manual 1 Table of Contents 1 Introduction... 5 2 TrustKey Product...6 2.1 TrustKey Tool... 6 2.2 TrustKey function modules...7 2.3 TrustKey using environment...7 3 TrustKey Tool Installation...
More informationSecure Data Exchange Solution
Secure Data Exchange Solution I. CONTENTS I. CONTENTS... 1 II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE DOCUMENT EXCHANGE SOLUTIONS... 3 INTRODUCTION... 3 Certificates
More informationBangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS)
[Draft] Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS) Version: 1.00 August, 2015 Bangladesh Bank Page 2 of 42 Document Reference Title Document Type Bangladesh Bank
More informationTHE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc.
THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Last Revision Date: June 28, 2007 Version: 3.0 Published By: RSA Security Inc. Copyright 2002-2007 by
More informationCOMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES
COMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES BSI TR-03139 Version 2.1 27 May 2013 Foreword The present document
More informationAirbus Group Public Key Infrastructure. Certificate Policy. Version 4.6
Airbus Group Public Key Infrastructure Certificate Policy Version 4.6 DOCUMENT VERSION CONTROL Version Date Authors Description Reason for Change 4.6 2015-03-18 Carillon Revision Introduction of two new
More informationComodo Certification Practice Statement
Comodo Certification Practice Statement Notice: This CPS should be read in conjunction with the following documents:- * LiteSSL addendum to the Certificate Practice Statement * Proposed Amendments to the
More informationTTP.NL Scheme. for management system certification. of Trust Service Providers issuing. Qualified Certificates for Electronic Signatures,
TTP.NL Scheme for management system certification of Trust Service Providers issuing Qualified Certificates for Electronic Signatures, Public Key Certificates, Website Certificates and / or Time-stamp
More informationHIPAA Security Regulations: Assessing Vendor Capabilities and Negotiating Agreements re: PKI and Security
HIPAA Security Regulations: Assessing Vendor Capabilities and Negotiating Agreements re: PKI and Security March 2, 2001 Cy D. Ardoin, Ph.D. 2 Agenda Quick View of Security Strategy for Security Quick View
More informationETSI TR 103 123 V1.1.1 (2012-11)
TR 103 123 V1.1.1 (2012-11) Technical Report Electronic Signatures and Infrastructures (ESI); Guidance for Auditors and CSPs on TS 102 042 for Issuing Publicly-Trusted TLS/SSL Certificates 2 TR 103 123
More information(NOTE: ALL BS7799 REFERENCES IN THIS DOCUMENT ARE FROM BS7799-2:1999 and SHOULD BE AMENDED TO REFLECT BS7799-2:2002)
(NOTE: ALL BS7799 REFERENCES IN THIS DOCUMENT ARE FROM BS7799-2:1999 and SHOULD BE AMENDED TO REFLECT BS7799-2:2002) 1. Approval and Authorisation Completion of the following signature blocks signifies
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Table of Contents 1. Introduction... 5 1.1. Trademarks...
More informationCertification Practice Statement
FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification
More informationRSA Digital Certificate Solution
RSA Digital Certificate Solution Create and strengthen layered security Trust is a vital component of modern computing, whether it is between users, devices or applications in today s organizations, strong
More informationapple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc.
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.8 Effective Date: June 11, 2012 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2.
More informationCertification Practice Statement (ANZ PKI)
Certification Practice Statement March 2009 1. Overview 1.1 What is a Certification Practice Statement? A certification practice statement is a statement of the practices that a Certification Authority
More informationCoSign for 21CFR Part 11 Compliance
CoSign for 21CFR Part 11 Compliance 2 Electronic Signatures at Company XYZ Company XYZ operates in a regulated environment and is subject to compliance with numerous US government regulations governed
More informationCertification Practice Statement
Certification Practice Statement Revision R1 2013-01-09 1 Copyright Printed: January 9, 2013 This work is the intellectual property of Salzburger Banken Software. Reproduction and distribution require
More informationTELSTRA RSS CA Subscriber Agreement (SA)
TELSTRA RSS CA Subscriber Agreement (SA) Last Revision Date: December 16, 2009 Version: Published By: Telstra Corporation Ltd Copyright 2009 by Telstra Corporation All rights reserved. No part of this
More informationCertificate Policies and Certification Practice Statements
Entrust White Paper Certificate Policies and Certification Practice Statements Author: Sharon Boeyen Date: February 1997 Version: 1.0 Copyright 2003 Entrust. All rights reserved. Certificate Policies and
More informationCertipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012
Certipost Trust Services Version 1.2 Effective date 03 May 2012 Certipost NV ALL RIGHTS RESERVED. 2 13 Definitions : Activation Data Certificate Certificate Holder Certificate Public Registry Certificate
More informationepki Root Certification Authority Certification Practice Statement Version 1.2
epki Root Certification Authority Certification Practice Statement Version 1.2 Chunghwa Telecom Co., Ltd. August 21, 2015 Contents 1. INTRODUCTION... 1 1.1 OVERVIEW... 1 1.1.1 Certification Practice Statement...
More informationIntroducing etoken. What is etoken?
Introducing etoken Nirit Bear September 2002 What is etoken? Small & portable reader-less Smartcard Standard USB connectivity Logical and physical protection Tamper evident (vs. tamper proof) Water resistant
More informationTC TrustCenter GmbH Time-Stamp Practice and Disclosure Statement
GmbH NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This document may not be copied, distributed, used, stored or transmitted in any form or by any means, whether
More informationIndependent Accountants Report
KPMG LLP 345 Park Avenue New York, NY 10154-0102 Independent Accountants Report To the Management of Unisys Corporation: We have examined the assertion by the management of Unisys Corporation (Unisys)
More informationETSI TS 102 640-3 V1.1.1 (2008-10) Technical Specification
TS 102 640-3 V1.1.1 (2008-10) Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Architecture, Formats and Policies; Part 3: Information Security
More informationState of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008
State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008 Background In the last ten years Arkansas has enacted several laws to facilitate electronic transactions
More informationPKI NBP Certification Policy for ESCB Signature Certificates. OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5
PKI NBP Certification Policy for ESCB Signature Certificates OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5 Security Department NBP Warsaw, 2015 Table of Contents 1. Introduction 1 1.1 Overview 1 1.2 Document
More informationAudio: This overview module contains an introduction, five lessons, and a conclusion.
Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules
More informationDigiCert Certification Practice Statement
DigiCert Certification Practice Statement DigiCert, Inc. Version 2.22 June 01, 2005 333 South 520 West Orem, UT 84042 USA Tel: 1-801-805-1620 Fax: 1-801-705-0481 www.digicert.com 1 General...7 1.1 DigiCert,
More informationUKAS Guidance for bodies operating certification of Trust Service Providers seeking approval under tscheme
CIS 3 EDITION 2 February 2014 UKAS Guidance for bodies operating certification of Trust Service Providers seeking approval under tscheme CONTENTS SECTION PAGE 1 Introduction 2 2 Requirements for Certification
More informationPKI - current and future
PKI - current and future Workshop for Japan Germany Information security Yuichi Suzuki yuich-suzuki@secom.co.jp SECOM IS Laboratory Yuichi Suzuki (SECOM IS Lab) 1 Current Status of PKI in Japan Yuichi
More informationEricsson Group Certificate Value Statement - 2013
COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...
More informationPrivyLink Cryptographic Key Server *
WHITE PAPER PrivyLink Cryptographic Key * Tamper Resistant Protection of Key Information Assets for Preserving and Delivering End-to-End Trust and Values in e-businesses September 2003 E-commerce technology
More informationIndependent Accountants Report
KPMG LLP 1601 Market Street Philadelphia, PA 19103-2499 Independent Accountants Report To the Management of Unisys Corporation: We have examined the assertion by the management of Unisys Corporation (
More informationWEBTRUST FOR CERTIFICATION AUTHORITIES SSL BASELINE REQUIREMENTS AUDIT CRITERIA V.1.1 [Amended 1 ] CA/BROWSER FORUM
WEBTRUST FOR CERTIFICATION AUTHORITIES SSL BASELINE REQUIREMENTS AUDIT CRITERIA V.1.1 [Amended 1 ] BASED ON: CA/BROWSER FORUM BASELINE REQUIREMENTS FOR THE ISSUANCE AND MANAGEMENT OF PUBLICLY-TRUSTED CERTIFICATES,
More informationSAUDI NATIONAL ROOT-CA CERTIFICATE POLICY
SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY Document Classification: Public Version Number: 2.5 Issue Date: June 25, 2015 National Center for Digital Certification Policies and Regulations Department Digitally
More informationPost.Trust Certificate Authority
Post.Trust Certificate Authority Certification Practice Statement CA Policy and Procedures Document Issue date: 03 April 2014 Version: 2.7.2.1 Release Contents DEFINITIONS... 6 LIST OF ABBREVIATIONS...
More informationGovernment CA Government AA. Certification Practice Statement
PKI Belgium Government CA Government AA Certification Practice Statement 2.16.56.1.1.1.3 2.16.56.1.1.1.3.2 2.16.56.1.1.1.3.3 2.16.56.1.1.1.3.4 2.16.56.1.1.1.6 2.16.56.1.1.1.6.2 2.16.56.9.1.1.3 2.16.56.9.1.1.3.2
More informationETSI TS 102 640-3 V2.1.1 (2010-01) Technical Specification
TS 102 640-3 V2.1.1 (2010-01) Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 3: Information Security Policy Requirements for REM Management
More informationPKI Deployment Business Issues
An OASIS PKI White Paper PKI Deployment Business Issues By Amir Jafri and June Leung (FundSERV Inc.) For the Oasis PKI Member Section OASIS PKI White Paper OASIS (Organization for the Advancement of Structured
More informationCERTIFICATE POLICY KEYNECTIS SSL CA
CERTIFICATE POLICY KEYNECTIS SSL CA Date: 05/02/2009 KEYNECTIS SSL CA CERTIFICATE POLICY Subject: KEYNECTIS SSL CA Certificate Policy Version number: 1.1 Number of pages: 49 Status of the Project Final
More informationCertum QCA PKI Disclosure Statement
CERTUM QCA PKI Disclosure Statement v1.1 1 Certum QCA PKI Disclosure Statement Version 1.1 Effective date: 1 st of April, 2016 Status: valid Asseco Data Systems S.A. ul. Żwirki i Wigury 15 81-387 Gdynia
More informationWORLD BANK REIMBURSABLE TECHNICAL ASSISTANCE ITIDA
Public Disclosure Authorized 69471 Public Disclosure Authorized Public Disclosure Authorized WORLD BANK REIMBURSABLE TECHNICAL ASSISTANCE ITIDA SUPPORT FOR ITIDA S IPR OFFICE Public Disclosure Authorized
More informationAN OVERVIEW OF INFORMATION SECURITY STANDARDS
AN OVERVIEW OF INFORMATION SECURITY STANDARDS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced
More informationCertificate Policy for. SSL Client & S/MIME Certificates
Certificate Policy for SSL Client & S/MIME Certificates OID: 1.3.159.1.11.1 Copyright Actalis S.p.A. All rights reserved. Via dell Aprica 18 20158 Milano Tel +39-02-68825.1 Fax +39-02-68825.223 www.actalis.it
More informationLegislative Council Panel on Information Technology and Broadcasting. Information Security
For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest
More informationMobile OTPK Technology for Online Digital Signatures. Dec 15, 2015
Mobile OTPK Technology for Online Digital Signatures Dec 15, 2015 Presentation Agenda The presentation will cover Background Traditional PKI What are the issued faced? Alternative technology Introduction
More informationETSI SR 003 091 V1.1.2 (2013-03)
SR 003 091 V1.1.2 (2013-03) Special Report Electronic Signatures and Infrastructures (ESI); Recommendations on Governance and Audit Regime for CAB Forum Extended Validation and Baseline Certificates 2
More informationBUYPASS CLASS 3 SSL CERTIFICATES Effective date: 11.06.2013
CERTIFICATE POLICY BUYPASS CLASS 3 SSL CERTIFICATES Effective date: 11.06.2013 PUBLIC Version: 2.0 Document date: 11.05.2013 Buypass AS Nydalsveien 30A, PO Box 4364 Nydalen Tel.: +47 23 14 59 00 E-mail:
More informationTACC ROOT CA CERTIFICATE POLICY
TACC ROOT CA CERTIFICATE POLICY AND CERTIFICATE PRACTICES STATEMENT (In RFC 3647 format) January 20, 2009 OID: 1.3.6.1.4.1.17940.5.1.1.1 Version 1.2 1 INTRODUCTION... 3 1.1 Overview...3 1.2 Document Name
More informationIntel Enhanced Data Security Assessment Form
Intel Enhanced Data Security Assessment Form Supplier Name: Address: Respondent Name & Role: Signature of responsible party: Role: By placing my name in the box above I am acknowledging that I am authorized
More information1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A
www.acs.com.hk 1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A 2 3 ACOS5 Series (32KB EEPROM) Cryptographic Smart Card and Token Module
More informationCERTIFICATION PRACTICE STATEMENT (CPS) SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. Version 2.0
CERTIFICATION PRACTICE STATEMENT (CPS) OF SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. Version.0 (CPS) INDEX 1. LEGAL FRAMEWORK... 10 1.1. Legal Base... 10 1.. Validation... 10 1.. Legal Support...
More informationCA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT
CA Certificate Policy SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT This page is intentionally left blank. 2 ODETTE CA Certificate Policy Version Number Issue Date Changed By 1.0 1 st April 2009 Original
More informationInformation Technology Policy
Information Technology Policy Identity Protection and Access Management (IPAM) Architectural Standard Identity Management Services ITP Number ITP-SEC013 Category Recommended Policy Contact RA-ITCentral@pa.gov
More informationFuture directions of the AusCERT Certificate Service
Future directions of the AusCERT Certificate Service QV Advanced Plus certificates Purpose Digital signatures non-repudiation, authenticity and integrity Encryption - confidentiality Client authentication
More informationMeeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)
Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4
More informationFord Motor Company CA Certification Practice Statement
Certification Practice Statement Date: February 21, 2008 Version: 1.0.1 Table of Contents Document History... 1 Acknowledgments... 1 1. Introduction... 2 1.1 Overview... 3 1.2 Ford Motor Company Certificate
More informationImplementation of e-signature in the ESCWA Region: Status and Next Steps. By Matthew Perkins
Implementation of e-signature in the ESCWA Region: Status and Next Steps By Matthew Perkins Understanding e-signature How do we identify ourselves online? Electronic records of real-world authenticators
More informationTC TrustCenter GmbH. Certification Practice Statement
TC TrustCenter GmbH Certification Practice Statement NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certification Practice Statement is published in conformance
More informationTrust Service Principles and Criteria for Certification Authorities
Trust Service Principles and Criteria for Certification Authorities Version 2.0 March 2011 (Effective July 1, 2011) (Supersedes WebTrust for Certification Authorities Principles Version 1.0 August 2000)
More informationCERTIFICATE POLICY (CP) (For SSL, EV SSL, OSC and similar electronic certificates)
(CP) (For SSL, EV SSL, OSC and similar electronic certificates) VERSION : 09 DATE : 01.12.2014 1. INTRODUCTION... 10 1.1. Overview... 10 1.2. Document Name and Identification... 11 1.3. Participants...
More informationWEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY
WEST LOTHIAN COUNCIL INFORMATION SECURITY POLICY DATA LABEL: PUBLIC INFORMATION SECURITY POLICY CONTENTS 1. INTRODUCTION... 3 2. MAIN OBJECTIVES... 3 3. LEGISLATION... 4 4. SCOPE... 4 5. STANDARDS... 4
More informationPASSWORD MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region
PASSWORD MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationCertificate Policy KEYNECTIS SSL CA CP. Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2
Certificate Policy KEYNECTIS SSL CA CP Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2 KEYNECTIS SSL CA CP Version 1.2 Pages 51 Status Draft Final Author Emmanuel Montacutelli OpenTrust
More informationTHE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY. July 2011 Version 2.0. Copyright 2006-2011, The Walt Disney Company
THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY July 2011 Version 2.0 Copyright 2006-2011, The Walt Disney Company Version Control Version Revision Date Revision Description Revised
More informationCalifornia Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority. Version 3.
California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority Version 3.4 April 2015 Table of Contents 1.0 INTRODUCTION... 8 1.1 OVERVIEW... 8 1.2
More informationSmart Meter PKI - Make or Buy?
ID WORLD Frankfurt 20.11.2014 11:15 11:45 Uhr Smart Meter PKI - Make or Buy? Dr.-Ing. Lutz Martiny achelos GmbH Paderborn Why PKI? Legal Background: Energiewirtschaftsgesetz Technical Background: Technical
More informationTeliaSonera Server Certificate Policy and Certification Practice Statement
TeliaSonera Server Certificate Policy and Certification Practice Statement v.1.4 TeliaSonera Server Certificate Policy and Certification Practice Statement CA name Validation OID TeliaSonera Server CA
More informationInformation Security Policy
Office of the Prime Minister document CIMU P 0016:2003 Version: 2.0 Effective date: 01 Oct 2003 Information 1. statement i) General The Public Service of the Government of Malta (Public Service) shall
More informationLaw No. 15/2004 on E-signature and Establishment of the Information Technology Industry Development Authority (ITIDA)
Law No. 15/2004 on E-signature and Establishment of the Information Technology Industry Development Authority (ITIDA) In the name of the people, The President of the Republic: The People Assembly has decreed
More informationLaw No. 15/2004 on E-signature and Establishment of the Information Technology Industry Development Authority (ITIDA)
Law No. 15/2004 on E-signature and Establishment of the Information Technology Industry Development Authority (ITIDA) In the name of the people, The President of the Republic: The People Assembly has decreed
More informationCERTIFICATION PRACTICE STATEMENT. EV SSL CA Certification Practice Statement
CERTIFICATION PRACTICE STATEMENT EV SSL CA Certification Practice Statement Emmanuel Montacutelli September 1, 2015 OpenTrust_DMS_EV Statement SSL CA Certification Practice Manage d Services Signature
More informationWEBTRUST SM/TM FOR CERTIFICATION AUTHORITIES EXTENDED VALIDATION AUDIT CRITERIA Version 1.1 CA/BROWSER FORUM
WEBTRUST SM/TM FOR CERTIFICATION AUTHORITIES EXTENDED VALIDATION AUDIT CRITERIA Version 1.1 BASED ON: CA/BROWSER FORUM GUIDELINES FOR THE ISSUANCE AND MANAGEMENT OF EXTENDED VALIDATION CERTIFICATES Version
More informationNational Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016
National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy Version 1.1 February 2, 2016 Copyright 2016, Georgia Tech Research Institute Table of Contents TABLE OF CONTENTS I 1 INTRODUCTION
More informationHKUST CA. Certification Practice Statement
HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 2.1 Date : 12 November 2003 Prepared by : Information Technology Services Center Hong Kong University of
More informationVisa Public Key Infrastructure Certificate Policy (CP)
Visa Public Key Infrastructure Certificate Policy (CP) Version 1.7 Effective: 24 January 2013 2010-2013 Visa. All Rights Reserved. Visa Public Important Note on Confidentiality and Copyright The Visa Confidential
More informationDigiCert. Certificate Policy. DigiCert, Inc. Version 4.03 May 3, 2011
DigiCert Certificate Policy DigiCert, Inc. Version 4.03 May 3, 2011 Suite 200 Canopy Building II 355 South 520 West Lindon, UT 84042 USA Tel: 1 801 877 2100 Fax: 1 801 705 0481 www.digicert.com TABLE OF
More informationBugzilla ID: Bugzilla Summary:
Bugzilla ID: Bugzilla Summary: CAs wishing to have their certificates included in Mozilla products must 1) Comply with the requirements of the Mozilla CA certificate policy (http://www.mozilla.org/projects/security/certs/policy/)
More informatione-tuğra CERTIFICATE POLICY E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Version: 3.1 Validity Date: September, 2013 Update Date: 30/08/2013
e-tuğra CERTIFICATE POLICY E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Version: 3.1 Validity Date: September, 2013 Update Date: 30/08/2013 Ceyhun Atıf Kansu Cad. 130/58 Balgat / ANKARA TURKEY
More informationThe Costs of Managed PKI:
The Costs of Managed PKI: In-House Implementation of PKI vs. Traditional Managed PKI vs. ON-Demand PKI A TC TrustCenter Whitepaper Last Updated: February 2008 Introduction Until recently, organizations
More informationTC TrustCenter GmbH Certification Practice Statement and Certificate Policy for Qualified Certificates
GmbH Certification Practice Statement and Certificate Policy Version 1.0 of June 11 th, 2007 NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certification
More informationthawte Certification Practice Statement Version 2.3
thawte Certification Practice Statement Version 2.3 Effective Date: July, 2006 thawte Certification Practice Statement 2006 thawte, Inc. All rights reserved. Printed in the United States of America. Revision
More informationDraft ETSI EN 319 401 V1.1.1 (2012-03)
Draft EN 319 401 V1.1.1 (2012-03) European Standard Electronic Signatures and Infrastructures (ESI); General Policy Requirements for Trust Service Providers supporting Electronic Signatures 2 Draft EN
More informationDescription of the Technical Component:
Confirmation concerning Products for Qualified Electronic Signatures according to 15 Sec. 7 S. 1, 17 Sec. 4 German Electronic Signature Act 1 and 11 Sec. 2 and 15 German Electronic Signature Ordinance
More informationETSI TS 102 640-3 V2.1.2 (2011-09)
TS 102 640-3 V2.1.2 (2011-09) Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 3: Information Security Policy Requirements for REM Management
More information