1 / 29

E-Gov and Security

E-Gov and Security. Keren Cummins Digital Signature Trust Co. Richard Guida Chair, Federal PKI Steering Committee. E-Transaction Landscape. Intra-agency personnel matters, agency management Interagency payments, account reconciliation, litigation Agency to trading partner

davidhorne
Télécharger la présentation

E-Gov and Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. E-Gov and Security Keren Cummins Digital Signature Trust Co. Richard Guida Chair, Federal PKI Steering Committee

  2. E-Transaction Landscape • Intra-agency • personnel matters, agency management • Interagency • payments, account reconciliation, litigation • Agency to trading partner • procurement, regulation • Agency to the public

  3. Challenges All Applications Face • Authentication of Users • Non-repudiation for transactions • Message integrity • Confidentiality (privacy) • Liability • Interoperability • Scalability

  4. Potential Internet Security Solutions • Pin Numbers • Biometrics • Digital Signatures or PKI (Public Key Infrastructure) PKI Viewed by Many as Only Total Solution

  5. A Digital Signature is NOT: • A Digitized Handwritten Signature… • The Typed Name of an Individual • A Secret Code or a Pin Number

  6. A Digital Signature IS: • A Transformation of a Message Using Public Key Cryptography • Virtually Impossible to Forge • Provides a High Level of Security

  7. Basic Principle of Cryptography • All information goes into a computer as a number • One can perform mathematical operations on the information • For Example: Add, subtract, multiply, divide or exponentiate it.

  8. Two Flavors of Cryptography • Symmetric Cryptography • Uses Single Number or Key • Asymmetric or Public Key Cryptography • Uses Two Different Numbers or Key Pair • Key Pair Consists of Two Large Numbers: • One Called a Private Key • One Called a Public Key

  9. What Does Cryptography Really Look Like • Private Key: • 6448072E 0AD8FD61 F78E45FC 0B9419F9 0E1DD1EF • Public Key: • 47F126B5 74A10BB1 EB107322 C2379439 7F7DD52D 6CB89D3F 04A4E434 0A09EE52 6284271E E092C592 C3CC4144 5861CBF5 E8696BFF 85432ED1 B919A328 48B1D9F0 • Hash or Message Digest: • 53007ADB 04851436 F3F3ACBB F07CA19D 1AC248EA • DSA Signature: • 571691CC 0426C2B5 A545D896 C620CB8D 76B7820C

  10. What’s a Hash? • Brief series of characters associated with a document • Message digest, or “fingerprint” generated by a mathematical algorithm • Same document will always generate the same hash • A document that has been altered can never generate the original hash

  11. Creating a Digital Signature Message Hashing Algorithm Signature Algorithm Message Message Digest1 Digital Signature Private Key

  12. An Example: • A Signed Message - • This will confirm my intention to purchase the Empire State Building. The purchase price shall be $178 million. Closing shall be on or before April 15, 1997. Please forward seller’s account number so that I may arrange wire transfer of funds upon closing. Signed, Donald Trump • BEGIN SIGNATURE - • iQCVAwUBMARe7gvyLNSbw6ZVAQF6ygP/fDnuvdAbGIDWaSMXUIRMuNHYzdZOOcqkDh/Tc2+DubuEa6GU03AgZY8K9t5r9lua34E68pCxegUz009b10cjNt6+o+704Z3j1yy9ijYM8BWNaSp9L2W4nUuWBdlWyel/2PjjRVNZEtqtSRQuPEpJ2IHtx9tGevH10 • END SIGNATURE -

  13. Verifying a Digital Signature Hashing Algorithm Message Digest 1 Message Identical Y/N? Verification Algorithm Digital Signature Message Digest 2 Public Key

  14. What’s Missing • Need to Link Individual Identities to Proposed Security Factor • How Do I Know This is Your Password, Fingerprint, or Public Key • Enter “Trusted Third Parties” or TTPs

  15. Role of Trusted Third Parties (TTPs) • Link Security Factor to Individual Identity (PKI Uses Digital Certificates) • Stand Behind Linkage • Demonstrate Sufficient Institutional Stature as to Promote Trust in Linkage • Issue a Digital Certificate Binding Signer’s Identity to Signer’s Public Key

  16. Process Flow Annually: 1. Subscriber Applies to CA for Digital Certificate 2. CA verifies identity of subscriber and issues Digital Certificate 3. CA publishes Certificate to Repository Per Transaction: 4. Subscriber digitally signs and sends electronic message to relying party 5. Relying party goes to the Repository to check validity of the Subscriber’s Certificate. 6. Repository returns copy of certificate and results of status check 3 Certification Authority Repository 5 1 2 6 4 Relying Party Subscriber 7

  17. Likely Candidates for “TTP” Role • Government Agencies • Financial Institutions • Employers (In their own COI )

  18. Legal Framework • Government Paperwork Elimination Act (GPEA) • supports the use of electronic signatures for transactions with the Federal government • Enacted October 1998 • Covers user authentication and persistent electronic signatures

  19. GPEA Background • With some qualifications, GPEA requires agencies by October 2003 to: • Accept forms (>50K copies/year) electronically • Accept electronic signatures on forms and documents • Encourageselectronic filing and electronic recordkeeping, particularly by employers

  20. GPEA Background (continued) • Gives electronic signatures full legal effect • Technology neutral - agencies select based on specifics of applications (e.g., risk) • But recognizes that technology neutrality does NOT mean all technologies are created equally • Focus: transactions with Federal agencies • Draft OMB Guidance 3/99; final 5/00

  21. Electronic Signatures Under GPEA Guidance • OMB GPEA guidance recognizes several ways to effect “electronic signature” • PINs/passwords • Digitized signatures • Biometrics • Digital signatures • Each approach has advantages and disadvantages, some more acute than others

  22. PINs/Passwords • Advantages: • Simple • Used ubiquitously, no “learning curve” • Disadvantages: • Shared secret means other party can compromise • Hard to achieve non-repudiation • Does not scale well - PINs/passwords proliferate • Can be very susceptible to remote attack • Parties must know each other beforehand

  23. Digitized Signatures • Advantages: • Closest in appearance to “wet signature” • Disadvantages: • Form of shared secret • No open standards, templates are usually proprietary • Can be vulnerable to replay attack • No cryptographic binding of identity to document • Hard to achieve non-repudiation • Requires additional hardware (stylus/pad)

  24. Biometrics • Advantages: • Fingerprints, iris images impossible to “forget” • Disadvantages: • Form of shared secret • No open standards, templates are usually proprietary • Can be vulnerable to replay attack • No cryptographic binding of identity to document • Requires additional hardware (camera, pad) • Can be hard to revoke old identity and issue new one

  25. Digital Signatures • Advantages: • No shared shared secrets between remote parties • Cryptographic binding between identity and document • Scales well, interoperates reasonably well • Disadvantages: • Requires infrastructure (PKI) • Is more complex than PINs/passwords • Can require additional hardware (if smartcards are used)

  26. Summary • Digital signatures represent strongest single solution • Also most scalable and interoperable - cutting across agency stovepipes • Best solution may be combination: • Digital signature to bind digitized signature • Digital signature with biometric identifier to unlock private signing key • PINs/passwords may be sufficient for some applications, if interoperability unimportant

  27. Privacy/ Disclosure: Basic Principles • Electronic authentication should only be required where needed • Tailor authentication needs to the transaction and the participants • Avoid collecting information that is more detailed than required • Inform participants that information will be managed pursuant to the Privacy Act, Computer Security Act, and other laws.

  28. Legal Effect and Validity Electronic records submitted or maintained in accordance with procedures developed under this title, or electronic signatures or other forms of electronic authentication used in accordance with such procedures, shall not be denied legal effect, validity, or enforceability because such records are in electronic form. -GPEA, section 1707

  29. Additional Legal Considerations • “Intent” at time of signing critical • Need for banners or other indicia • Need to capture entire document with signature - not just HTML “tags” • Need to retain ability to validate signature at later date (either directly or through “digital notary” • Electronic records management big issue - with or without electronic signatures

More Related