Public Key Superstructure
It’s PKI Jim, but not as we know it!
7th Annual “IDtrust” Symposium
5 March 2008, Gaithersburg MD, USA
Stephen Wilson
Lockstep Consulting Pty Ltd
About Lockstep
• Consultants specialised in PKI, smartcards & privacy
• Developing novel de-identification and online safety solutions
• Asia PKI Forum
• Gatekeeper Policy Committee
• Aust. Law Reform Commission
The passport metaphor
• Non-descript applications
  – impossible for CAs to manage risk
• Stranger-to-stranger e-business
  – “It’s good to trust but it’s better not to”
• Novel TTP business models
  – Imposed incredible CPSs upon users
• Notion of a single identity
  – “Interoperability” = cross certification
“Cross-certification and policy mapping has been a rat hole that has sucked up vast amounts of energy better spent elsewhere” Anonymous, Feb 2008
“Fading PKI Market” June 2003
PKI thickets
[Figure: timeline with axis marks 1999, 2002, 2005, 2008; labels: 1999 RSA Conference, Identrus, Verisign IPO]
PKI in practice
• Works best in closed communities
  – Automates transactions in context
  – This is a Good Thing
• Embedded keys & certificates
• Fits with identity plurality
CA as Security Printer
[Diagram, paper process. Labels: Stock Exchange; Listings Department; Listing Rules; Listed Company; Achieve Listing; Security Printer; Distribute bar code labels; Officer; Affix bar code; Announcement; Fax; OCR; Announcements]
[Diagram, PKI equivalent. Labels: Stock Exchange; Listings Department; Listing Rules; Listed Company; CA; Distribute certificates, keys; Digitally sign; Announcement; Message App; Announcements]
Security printer implications
• Decouples registration from production
• Manages risks associated with registration & production separately
• No contract between Subscriber & CA
• No exposure of CPS to Subscriber
• Easier to novate CA service providers
• Accreditation not affected by new Policies
“Relationship Certificates”
[Diagram: certificate chain within a context (Health Organisation), in three columns]
• Transaction (e-Prescription): Patient name - - -, Med - - -, Dose - - -, Repeats - - -. Signed: Dr Lic. xyz
• User Certificate (Credentials): Subject: - - -, Ext: Lic No. xyz, Issuer: Health Org, Policy OID: - - -, Public Key: - - -. Signed: Health Org CA
• CA Certificate (Health Org CA): Subject: - - -, Validity: - - -, Issuer: Root CA, Policy OID: - - -, Public Key: - - -. Signed: Health Root CA
“Relationship Certificates”
• Form of “Authorization PKI”
• Kill the holy cow of authentication being primary over authorization
• Preserves X.509 formats, software
• Not SPKI: no ‘primary’ ID certificate
• Not Attribute Certs: we can sign with cert
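The relationship-certificate chain from the slides, as an added example that is not part of the original presentation: a plain X.509 certificate carries the licence number in an extension, signs the e-prescription directly, and the relying party authorises on the chain plus that extension rather than on the subject's name. The extension OID, the subject names, the prescription text and the helper names `issue`, `authorise` and `demo` are assumptions made for illustration; it uses Ruby's standard `openssl` library.

```ruby
require "openssl"

# Constructed placeholder OID for the "Lic No." extension; not a registered value.
LICENCE_OID = "1.3.6.1.4.1.99999.1"

# Issue a certificate under issuer (self-signed if nil); no licence means a CA certificate.
def issue(cn, issuer: nil, issuer_key: nil, licence: nil)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = OpenSSL::BN.rand(64)
  cert.subject = OpenSSL::X509::Name.new([["CN", cn]])
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 3600
  cert.not_after = Time.now + 86_400
  if licence
    der = OpenSSL::ASN1::UTF8String.new(licence).to_der
    cert.add_extension(OpenSSL::X509::Extension.new(LICENCE_OID, der, false))
  else
    ef = OpenSSL::X509::ExtensionFactory.new
    cert.add_extension(ef.create_extension("basicConstraints", "CA:TRUE", true))
  end
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# Relying party: chain, signature and licence extension decide; the name is never read.
def authorise(msg, sig, leaf, org_ca, root)
  store = OpenSSL::X509::Store.new
  store.add_cert(root)
  raise "untrusted chain: #{store.error_string}" unless store.verify(leaf, [org_ca])
  ok = leaf.public_key.verify(OpenSSL::Digest.new("SHA256"), sig, msg)
  raise "transaction signature invalid" unless ok
  ext = leaf.extensions.find { |e| e.oid == LICENCE_OID } or raise "no licence in certificate"
  octets = OpenSSL::ASN1.decode(ext.to_der).value.last.value # extnValue contents
  OpenSSL::ASN1.decode(octets).value
end

# Constructed three-tier chain and e-prescription, mirroring the slide's diagram.
def demo
  root, root_key = issue("Health Root CA")
  org, org_key = issue("Health Org CA", issuer: root, issuer_key: root_key)
  dr, dr_key = issue("Prescriber", issuer: org, issuer_key: org_key, licence: "xyz")
  rx = "Med: (constructed) / Dose: (constructed) / Repeats: 0"
  authorise(rx, dr_key.sign(OpenSSL::Digest.new("SHA256"), rx), dr, org, root)
end

puts "accepted under licence #{demo}" if __FILE__ == $PROGRAM_NAME
```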
Lockstep anonymous e-voting
[Diagram in three stages: A. Background, B. Register, C. Vote. Labels: Roll; Enrol to vote; Smartcard distribution process; CA; Identify voter; Generate key pair; Install anon. certificate; Register smartcard; smartcard contents: Certificate (Serial No., Poll), Key, Dig Sign; ballot listing Candidates with preferences 1 and 2; Dig Sign; Signed ballot]
Lockstep clinical study privacy
[Diagram. Labels: Study sponsor (Randomisation, Logistics, Collection); Certificate Server; patient smartcard contents: Certificate (Patient ID, Study ID), Key, Dig Sign; Tests]
(1) Distribute investigator packs
(2) Enrol patient into study
(3) Load pt smartcard with Stepwise anonymous ID
(4) Patient presents for follow-up
(5) Investigations as per protocol
(6) De-identified secure follow up data, “sealed” with Stepwise ID