At the Asia PKI Forum Conference in Tokyo on February 24, 2005, Stephen Wilson discussed best practices in Public Key Infrastructure (PKI) from Australia. He highlighted examples like the Health eSignature Authority, which issued over 7,000 certificates to healthcare professionals, and the Australian Tax Office, one of the largest PKIs globally with over 100,000 certificates for tax reporting. Wilson emphasized the need for automation in paperless transactions and envisioned a future where digital certificates are seamlessly integrated into applications, enhancing security and service delivery.
www.oasis-open.org
PKI lessons from Australia
Expectations for the New Secure Network Age panel discussion
Asia PKI Forum Conference
Tokyo, 24 February 2005
Stephen Wilson (OASIS liaison to APKIF)
Best practice PKI: example 1
Health eSignature Authority
See www.hesa.com.au
• Owned by a government health IT agency
• >7,000 certs issued to healthcare professionals
• USB dongles & smartcards
• Initial applications focus on doctors’ reports & forms to government (i.e. B2G)
• Next applications will be in medical records and doctor-to-doctor messaging (i.e. B2B)
Best practice PKI: example 2
Australian Tax Office
See www.ato.gov.au
• One of the biggest PKIs in the world
• 100,000 certificates for business tax reporting (GST)
• Several 100,000 certificates for personal tax returns
• Led to “Australian Business Number Certificate” (ABN-DSC) for multi-agency B2G (and B2B)
• Identrus cross-recognised by Gatekeeper
Current understanding of PKI
• Fundamental aim is to automate paperless transactions
• “Known Customer” certificates represent an existing business relationship with issuer; e.g.
  • Doctors, lawyers, accountants, other professionals
  • Licence holders (stock brokers, customs brokers, taxi drivers …)
  • Credit card holders
• One party recognises the affiliation of the other party
• Existing transaction context, terms & conditions, liability arrangements all carry over to PKI based transactions
• PKI is specific to an application or class of applications
A vision for embedded PKI
• Secure networks … a main infrastructure of society
• The right person should be able to get the right services
• Digital certificates embedded in applications
• Trend from identity towards membership
  • i.e. e-Business Card, not e-passport
OASIS PKI Technical Committee
www.oasis-open.org/committees/pki
Stephen Wilson
OASIS PKI TC Liaison to the APKIF
Board Member, Australian IT Security Forum
swilson@lockstep.com.au
Ph +61 414 488851