![Page 1: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/1.jpg)
PKI Policy Determination Process
Input from PKI Decision Process
PKI Policy Determination Process
•Application(s)
•Workflows
•Players
![Page 2: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/2.jpg)
Determine Business
Requirements and Constraints
Determine Policy and
Deployment Models Determine
Types of Policies
and Agreements
Needed
List of Potential
Policies and Agreements
PKI Policy Determination Process
Define Business
Applications and
Requirements
![Page 3: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/3.jpg)
Determine Business Requirements and Constraints
Map Business Requirements to
PKI Services
DetermineTypes of Data
Determine Use
Determine Jurisdiction
•Workflows
•Players
![Page 4: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/4.jpg)
Map Business Requirements to PKI Services
• PKI Services– Authenticity of Identity– Integrity of Data– Digital Signature– Non repudiation – Confidentiality
![Page 5: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/5.jpg)
Determine Types of Data
• Financial• Medical• Personal• Commercial• Location• Governmental
![Page 6: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/6.jpg)
Determine Use
• Motivation and Purpose• Process• Role• Community
![Page 7: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/7.jpg)
Determine Use – Motivation and Purpose
• Institution and professional accreditation• Establishment of secure user accounts• Enable transactions
– Internally– B2B– B2G– B2C– C2C– C2G– G2G
![Page 8: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/8.jpg)
Determine Use - Process•Application specific
-Financial management-Clinical information systems-Mortgages
•Communications-Email/Web-VOIP-Mobile/wireless-legacy
•Storage and retrieval-Physical-Electronic
•Workflow/process management
![Page 9: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/9.jpg)
Determine Use - Role
• Issuer/CA (need business terms)• Holder• Relying Party
![Page 10: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/10.jpg)
Determine Use - Community
• Enterprise• Trading partner• Community of Interest
– Closed – Extensible
• Government
![Page 11: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/11.jpg)
Determine Jurisdiction• Jurisdictional level – international, national, state,
local• Laws• Regulations • Policies
• Business and intra-industry• Government
• Standards/codes of practice• Accredited• De-facto
• Industry-specific best practices
![Page 12: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/12.jpg)
Determine Policy and Deployment Types
• Internal• External• Trust model
![Page 13: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/13.jpg)
Define Business Application(s) and Requirements
![Page 14: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/14.jpg)
Determine Types of Policies and Agreements Needed
• CP• CPS• Relying Party Agreement• Subscriber Agreement• RA Agreement• LRA Agreement• PKI Disclosure Statement
(PDS)• Privacy Policy Statement• Certificate Manufacturing
Agreement• Security Policy• Policy Management Authority
Charter (policy document)
• Service Level Agreement• Outsourcing Agreement• Internal Memoranda of
Agreement• Internal Conformance Audit
Agreement• External Conformance Audit
Agreement• Dispute Resolution
Procedures• Certification Authority
Agreement (contractual)• Warranty
![Page 15: PKI Policy Determination Process Input from PKI Decision Process PKI Policy Determination Process Application(s) Workflows Players](https://reader035.vdocument.in/reader035/viewer/2022081801/5a4d1b2a7f8b9ab059998997/html5/thumbnails/15.jpg)
List of Potential Policies and Agreements