Enhancing System Security Using PKI
2 likes1,341 views
The document discusses public key infrastructure (PKI) and its implementation in the Philippines. It provides an overview of PKI and how digital certificates and certificate authorities address security issues. It then details Philippines legislation supporting the use of electronic signatures and outlines the national PKI framework established by executive orders, including the roles of government agencies in administering the system and accrediting certificate authorities.
Enhancing System Security Using PKI
- 1. Enhancing System Security Using PUBLIC KEY INFRASTRUCTURE SecureMetric Technology Inc. www.securemetric.com
- 2. What is PKI?
- 3. Public Key Infrastructure Public Key Private Key
- 4. What is a Certificate Authority?
- 5. SECRET Β MARYβS Β Public Β Key Β IDEAL WORLD MESSAGE Β + Β ENCRYPTED Β MESSAGE Β
- 6. REAL WORLD SECRET Β Fake Β MARYβS Β Public Β Key Β MESSAGE Β + Β ENCRYPTED Β MESSAGE Β MARYβS Β Public Β Key Β MODIFIED Β ENCRYPTED Β MESSAGE Β + Β
- 7. HOW TO SOLVE PROBLEM? SECRET Β MESSAGE Β + Β ENCRYPTED Β MESSAGE Β MARYβS Β Public Β Key Β
- 8. We are going round in circle!
- 9. PROBLEM SOLVED CPS & CP CERTIFICATE Β AUTHORITY Β
- 10. Why PKI?
- 12. The Philippines: Ready for PKI?
- 13. Public Β Key Β Infrastructure Β
- 14. Public Β Key Β Core Β Technology Β Public Β Key Β Cryptography Β (Asymmetric Β Cryptography) Β Very Β ο¬rst Β Asymmetric Β Algorithm Β (RSA) Β was Β published Β in Β 1977 Β
- 15. Public Β Key Β Infrastructure Β
- 16. Infrastructure Β InformaPon Β Technology Β LegislaPon Β Enforcement Β Policy Β Procedures Β
- 18. Disclaimer Β β’β― I Β am Β not Β a Β legal Β pracPPoner Β β’β― Iβm Β just Β a Β guy Β with Β experience Β in Β the Β PKI Β industry Β and Β is Β passionate Β enough Β about Β PKI Β to Β have Β researched Β on Β the Β Electronic Β commerce Β and Β Digital Β Signature Β Acts Β of Β a Β few Β countries. Β Do Β not Β take Β what Β I Β say Β as Β legal Β advice! Β
- 19. EO 801 eCommerce Act 2000
- 20. Electronic Β Commerce Β Act Β 2000 Β β’β― βElectronicβ Β Signatures Β becomes Β acceptable Β in Β court Β (Sect Β 8-Ββ11). Β β’β― Sec Β 5.E Β βElectronic Β signatureβ Β refers Β to Β any Β disPncPve Β mark, Β characterisPc Β and/or Β sound Β in Β electronic Β form, Β represenPng Β the Β idenPty Β of Β a Β person Β and Β a_ached Β to Β or Β logically Β associated Β with Β the Β electronic Β data Β message Β or Β electronic Β document Β or Β any Β methodology Β or Β procedures Β employed Β or Β adopted Β by Β a Β person Β and Β executed Β or Β adopted Β by Β such Β person Β with Β the Β intenPon Β of Β authenPcaPng Β or Β approving Β an Β electronic Β data Β message Β or Β electronic Β document. Β Β
- 21. βElectronic Β Signatureβ Β Sec. Β 8. Β Legal Β Recogni/on Β of Β Electronic Β Signatures. Β An Β electronic Β signature Β on Β the Β electronic Β document Β shall Β be Β equivalent Β to Β the Β signature Β of Β a Β person Β on Β a Β wri_en Β document Β if Β that Β signature Β is Β proved Β by Β showing Β that Β a Β prescribed Β procedure, Β not Β alterable Β by Β the Β parPes Β interested Β in Β the Β electronic Β document Β Rules Β on Β Electronic Β Evidence Β issued Β by Β the Β Supreme Β court Β in Β 2001 Β men/ons Β speciο¬cally Β Asymmetric Β or Β Public Β Cryptosystem Β (PKI). Β
- 22. Electronic Β Commerce Β Act Β 2000 Β SEC. Β 27. Β Government Β Use Β of Β Electronic Β Data Β Messages, Β Electronic Β Documents Β and Β Electronic Β Signatures. Β All Β departments, Β bureaus, Β oο¬ces Β and Β agencies Β of Β the Β government, Β as Β well Β as Β all Β government-Ββowned Β and-Ββcontrolled Β corporaPons Β shall Β within Β 2 Β years, Β accept Β electronic Β documents Β signed Β with Β βElectronicβ Β Signatures. Β Β h?p://i.gov.ph/e-Ββgovernment-Ββwhere-Ββare-Ββwe-Ββnow/ Β
- 23. Electronic Β Commerce Β Act Β 2000 Β SEC. Β 31. Β Lawful Β Access. Β -Ββ Β Access Β to Β an Β electronic Β ο¬le, Β or Β an Β electronic Β signature Β of Β an Β electronic Β data Β message Β or Β electronic Β document Β shall Β only Β be Β authorized Β and Β enforced Β in Β favor Β of Β the Β individual Β or Β enPty Β having Β a Β legal Β right Β to Β the Β possession Β or Β the Β use Β of Β the Β plaintext, Β electronic Β signature Β or Β ο¬le Β and Β solely Β for Β the Β authorized Β purposes. Β The Β electronic Β key Β for Β idenPty Β or Β integrity Β shall Β not Β be Β made Β available Β to Β any Β person Β or Β party Β without Β the Β consent Β of Β the Β individual Β or Β enPty Β in Β lawful Β possession Β of Β that Β electronic Β key. Β
- 24. β’β― AdopPon Β of Β a Β naPonal Β level Β Public Β Key Β Infrastructure. Β β’β― IdenPο¬caPon Β of Β Agencies Β responsible. Β β’β― Secng Β up Β of Β framework Β for Β AccreditaPon. Β β’β― Funding Β and Β resources. Β β’β― DirecPves Β for Β the Β Private Β sector. Β β’β― Fees. Β β’β― CerPο¬cate Β Authority Β hierarchy. Β ExecuPve Β Order Β 810 Β (2009) Β
- 25. β’β― Philippine Β AccreditaPon Β Oο¬ce Β (PAO) Β is Β put Β in-Ββcharged Β of Β AccreditaPon Β of Β CerPο¬cate Β authoriPes Β (CA) Β including Β private Β sector Β CAs. Β ExecuPve Β Order Β 810 Β (2009) Β
- 26. β’β― InformaPon Β and Β CommunicaPon Β Technology Β Oο¬ce Β (ICTO) Β under Β DOST Β is Β put Β in-Ββcharged Β of Β the Β IT Β infrastructure Β and Β operaPons Β for Β the Β NaPonal Β CerPο¬cate Β authority Β (CA). Β ExecuPve Β Order Β 810 Β (2009) Β Department Β of Β Science Β and Β Technology Β (DOST) Β
- 27. β’β― Advanced Β Science Β and Β Technology Β InsPtute Β (ASTI) Β under Β DOST Β is Β put Β in-Ββcharged Β of Β Technology Β and Β project Β management Β of Β the Β NaPonal Β PKI Β iniPaPve. Β ExecuPve Β Order Β 810 Β (2009) Β Advanced Β Science Β and Β Technology Β InsMtute Β (ASTI) Β
- 28. Roles Β β’β― CA= Β CerPο¬cate Β Authority Β β’β― RA= Β RegistraPon Β Authority Β ExecuPve Β Order Β 810 Β (2009) Β CA Β RA Β RA Β RA Β Policy Β Procedures Β LegislaPon Β
- 30. Philippines Β NaPonal Β PKI Β Technology Β EncrypPon Β AuthenPcaPon Β LegislaPon Β Digital Β Signature Β In Conclusionβ¦
- 31. Why Β Should Β Banks Β Use Β PKI? Β
- 32. Miss Β World Β 2013 Β Β Β
- 33. September Β 28, Β 2013β¦ Β Megan Β Young Β
- 36. Β Other Β variants Β of Β malware Β emailβ¦ Β
- 41. Β How Β do Β we Β know Β who Β is Β your Β real Β friend Β in Β the Β anonymous Β world Β of Β Internet? Β
- 42. Wouldnβt Β it Β be Β nice Β ifβ¦ Β
- 47. How Β do Β you Β know Β if Β this Β actually Β belong Β to Β a Β legiMmate Β organizaMon? Β
- 48. Give Β your Β POS Β Terminal Β an Β idenMty! Β
- 49. Introducingβ¦ Β
- 51. JCOP Β RFID Β Card Β with Β PKI Β Enabled Β Chip Β
- 52. The Β Security Β of Β ZiaPay Β β’β― Each Β ZiaPay Β terminal Β is Β equipped Β with Β a Β digital Β cerPο¬cate Β β’β― Each Β transacPon Β is Β signed Β to Β ensure Β authenPcity Β β’β― Each Β transacPon Β is Β encrypPon Β to Β ensure Β privacy Β β’β― ConnecPon Β between Β each Β Ziapay Β terminal Β and Β the Β servers Β are Β secured Β using Β SSL Β
- 53. Case Study: ePayment Customs Declaration
- 54. Forwarding Agent DAGANG NET KDRM Code Β 20 Β -Ββ Β Approval Β obtained Β from Β KDRM Β Code Β 25 Β -Ββ Β Pre-Ββcredit Β received Β Β (3a)ConfirmationofPayment (3) Execute Payment Web (https) (5) Pre-credit received (5) Pre-credit received (1) Customs Declaration (CUSDEC) (1) Customs Declaration (CUSDEC) (2) Customs Acknowledgement (Code 20) (2) Customs Acknowledgement (Code 20) (4a) Auto-Debit Advice (4b) Auto-Credit Advice (4a) Debit Advice (4b) Credit Advice BNM RENTAS Immediate on-line crediting to KDRM