KEYSTONE
EUROPEAN CROSS DOMAIN PKI ARCHITECTURE
Sokratis K. Katsikas
Professor & Head
Dept. of Information & Communication Systems
University of the Aegean
6/5/1998 K E Y S T O N E 2
Project Participants
– EXPERTNET S.A. (Greece)
– University of the Aegean (Greece)
– IGNIS Technologies Ltd. (Ireland)

Project objective
The main aim of KEYSTONE is to specify a logical PKI architecture which is robust, scaleable, based on standards, extensible, flexible and useful across application domains and national and administrative boundaries.

Technical Approach
[Diagram. Box labels: ACTS; INFOSEC; ARCHITECTURE METHODOLOGIES; USER REQUIREMENTS; TTP SERVICES & INFRASTRUCTURES; FUNCTIONAL SPECS; REFERENCE MODEL; FUNCTIONAL ARCHITECTURE; ARCHITECTURE; TECHNOLOGIES; TECHNOLOGY EVALUATION; STANDARDS; BUSINESS MODEL; MANAGEMENT ARCHITECTURE; TECHNOLOGY PROFILES]

WP1: D 1.1 & D 1.2
Overview of related INFOSEC and ACTS projects
INFOSEC projects
– The Nilson Marinade review report
– S2101 project
– THIS & TrustHealth-ETS in healthcare
– TESTFIT in freight
– BOLERO in shipping
– Ebridge in distributed business services
– EAGLE in several commercial activities
ACTS projects
– ABS
– GAIA
– MULTIMEDIATOR
– OSM

D 1.1
TTP User Requirements Report: INFOSEC and ACTS Projects Review
Issues studied:
– Main objectives and description.
– Technical overview.
– How common threats are dealt with.
– Organizational, legal and regulatory issues.
– Achievements and expected impact.
Result:
– Correlation of each project’s results and cross domain statement of the tools and services needed by TTP users.

Conclusions of the user requirements capture process
Minimal set of security services:
– authentication of users
– integrity of messages
– privacy and confidentiality of messages
– non-repudiation of message origin and destination
– availability of services
– ease of use
Additional services:
– anonymity of participants
– uniqueness of documents
– protection from abuse of any participant by another
Key escrow: Addressed only by EAGLE.

D 1.2
TTP services: INFOSEC Projects Review
Issues studied:
– Trust model.
– Certification infrastructure.
– Functions and services for supporting the certification process.

Conclusions of Deliverable 1.2
An overview of TTP infrastructures.
An overview of TTP services:
– Primary services (e.g. certificate and key management).
– Secondary services (e.g. audit and underwriting).
– Value added services (e.g. to key generation/management).
– Services of strategic/organisational impact (e.g. TTP interoperation services).

D1.3
Architecture Specification Guidelines
Issues Studied
Review of the architecture techniques in the projects
– ABS
– GAIA
– MULTIMEDIATOR
– OSM
Architecture specification guidelines for Keystone

D1.3 Results: Architecture Guidelines
– Maximal compatibility & extensibility
– Maximal re-use of existing solutions
– Orientation towards parallel processing
– RM-ODP elements in the ETS Reference Model
– GAIA approach as the basis for the TTP Functional Architecture
– Attention to TINA and OMA as service frameworks

Current work
The focus is on the services of the TTPs and the PKI:
– Services link user requirements and PKI functions.
– Example scenarios in which services are used.
– Services examples: registration, certificate management, key management, etc.

Next steps...
Coming deliverables focus on:
– Functional specification.
– Reference model.
– Functional architecture.
– Environmental aspects.
– Technology evaluation.
– Integration.