Assuring e-Trust always 1 Guaranteeing Electronic Trust at all times.

1Assuring e-Trust alwayswww.certiver.com

Guaranteeing Electronic Trust at all times


Today's AgendaWho is CertiVeRSolutions from CertiVeRCertiVeR – TACAR proposalQuestions


CertiVeR ServicesValidation

OCSP Validation via CRL or OCSP database connection in real time.– Provision of enhanced OCSP responder– High Availability– Back up – Load Sharing– Automated Revocation


CertiVeR ServicesEnhanced Validation information

Certificate Status– Active, Revoked or Suspended– Multiple CA integration

Purpose of Certificate– Use of OCSP response extensions to

disclose attributes of the user certificate or the Certification Authority policy.

– Used for authorisation by applications to carry out specific functions or transactions

Invalid Certificate


CertiVeR Services: Load Sharing, Backup & High Availability Backup of your certificates database:

– Backup in case of failure with security guarantee

– Lower cost than if you were to do it yourself

High Availability:– Hot standby backup in case of failure– Load sharing or balancing– Ensure high availability and reliability– Guarantee performance levels


CertiVeR ServicesAutomated Revocation

Automated certificate revocation module or application via voice and speaker recognition.– High Security, Liability and Reliability

• Biometrics user registration

• Speaker and Voice recognition integrated with revocation

– High Availability, 24x7– Outsourcing of service to CertiVeR


CertiVeR ServicesOptional Manual Revocation

Common Call Center for all CAs– Economies of Scale– Lower shared costs– More user friendly– High Availability, 24x7

• Automated system may transfer problematic calls

– Security provided through Secret questions• A similar security level could also be provided via Web


CertiVeR Services - Outsourcing Certificate Status Database Management

Offload management Reduce costs Improve service Enhance reliability Increase accuracy Raise level of trust and confidence


CertiVeR ServicesCA Certification

Creation of or assistance with CPS

Audit of CA in accordance with international and national norms– Legal requirements– Required by customers– Facilitates trust chains

CertiVeR Proof of Trustworthiness


CertiVeR Cross-TrustHow do you trust other CAs?

Chaining Trust– Cross-certification– Cross-validation

No more PKI Islands– Degree of Trust– Validity Time of Trust– Validity Period of Trust


CertiVeR Services Ready applications for digital signature

Provide tools and services to make applications PKI ready:– Already integrating GTK 3.9.4

Single validation access point for several CA,s Provision of access APIs Quality Control and post development support Facilitate the rise of applications using digital

signatures– Needing more than one certificate

– Needing more than just certificate validation


CertiVeR – TACAR 1st Proposal Revocation Administration done by CA

CRL for User Certs

synch

CA Users,Grid Users, etc.

CAs

TACAR CA’s Root List

CertiVeR Sites

OCSPResponder

Cert Status Database

RevocationModule

Publish RootCertsRevoke

User Certs

Revoke Root Certs

OCSP Validation Request for TACAR’s

Repository and hierarchies


CertiVeR – TACAR 2nd Proposal Revocation Administration done by CertiVeR

synch

CertiVeR Sites

OCSPResponder

Cert Status Database

RevocationModule

CA Users,Grid Users, etc.

CAs

Publish RootCerts

TACAR CA’s Root List

Revoke Root Certs

OCSP Validation Request for TACAR’s

Repository and hierarchies

Revoke User Certs


OCSP Signature Validation

We offer two options:

1. Sign OCSP responses with a certificate trusted by all parties.

2. Sign OCSP responses with a certificate issued by the same CA hierarchy as the certificates whose status is being asked for.


The Business case for CertiVeRAnnual cost assumptions included

Service Description Done by Cost Univ Cost SME

Status Checking Yourself 15,000 €40,000

Back up Yourself 2,000 €10,000

High Availability Yourself 18,000 €100,000

(Automated) Revocation Yourself 40,000 €50,000

CA Certification 3rd Party 15,000 €15,000

Trust Chain TACAR 5,000 €20,000

PKI Enablement/Appl. Yourself 15,000 €20,000

Total € 110,000| € 275,000Cost cover up to 10.000 users


The Business case for CertiVeRAnnual cost assumptions included depending on degree of Administration

Service Description Done by Cost

Enhanced Status Checking (1) CertiVeR €20,000

Back up CertiVeR €5,000

High Availability CertiVeR €20,000

Automated Revocation CertiVeR €30,000

CA Certification CertiVeR €15,000

Trust Chain (included in (1)) TACAR €0

PKI Enablement/Appl. CertiVeR €10,000

Total €100,000

Savings of €60,000 or 120% each site!!!

Cost cover up to 10.000 users(1) Status Checking + Trust chain integration

Discount Univ. 50% = 50,000€


The most cost-effective services offered

The Basic services by CertiVeR

Service Description By CertiVeR(50%) By Univers. Saving

Enhanced status checking 10,000 € 20,000 € 10,000€

User Revocations 15,000 € 40,000 € 25,000€

High Availability 10,000 € 18,000 € 8,000€

TOTAL 35,000 € 78,000 € 43,000 €

TOTAL saving 43.000 €/year/site123% over CertiVeR cost 55% over University cost


Try now our demo at:http://www.certiver.com


Any Questions ?

Assuring e-Trust always 1 Guaranteeing Electronic Trust at all times.

Documents

Transcript of Assuring e-Trust always 1 Guaranteeing Electronic Trust at all times.