KEYSTONE
EUROPEAN CROSS DOMAIN PKI ARCHITECTURE
Sokratis K. Katsikas
Professor & Head
Dept. of Information & Communication Systems
University of the Aegean
6/5/1998 K E Y S T O N E 2
Project Participants
EXPERTNET S.A. (Greece)
– University of the Aegean (Greece)
IGNIS Technologies Ltd. (Ireland)
Project objective
The main aim of KEYSTONE is to specify a logical PKI architecture which is robust, scaleable, based on standards, extensible, flexible and useful across application domains and national and administrative boundaries.
Technical Approach
[Figure: Technical Approach diagram. Box labels: ACTS; INFOSEC; Architecture Methodologies; User Requirements; TTP Services & Infrastructures; Functional Specs; Reference Model; Functional Architecture; Architecture; Technologies; Technology Evaluation; Standards; Business Model; Management Architecture; Technology Profiles]
WP1: D 1.1 & D 1.2
Overview of related INFOSEC and ACTS projects
INFOSEC projects
– The Nilson Marinade review report
– S2101 project
– THIS & TrustHealth-ETS in healthcare
– TESTFIT in freight
– BOLERO in shipping
– Ebridge in distributed business services
– EAGLE in several commercial activities
ACTS projects
– ABS
– GAIA
– MULTIMEDIATOR
– OSM
D 1.1 TTP User Requirements Report: INFOSEC and ACTS Projects Review
Issues studied:
– Main objectives and description.
– Technical overview.
– How common threats are dealt with.
– Organizational, legal and regulatory issues.
– Achievements and expected impact.
Result:
– Correlation of each project’s results and cross domain statement of the tools and services needed by TTP users.
Conclusions of the user requirements capture process
Minimal set of security services:
– authentication of users
– integrity of messages
– privacy and confidentiality of messages
– non-repudiation of message origin and destination
– availability of services
– ease of use
Additional services:
– anonymity of participants
– uniqueness of documents
– protection from abuse of any participant by another
Key escrow: Addressed only by EAGLE.
D 1.2 TTP services: INFOSEC Projects Review
Issues studied:
– Trust model.
– Certification infrastructure.
– Functions and services for supporting the certification process.
Conclusions of Deliverable 1.2
An overview of TTP infrastructures.
An overview of TTP services:
– Primary services (e.g. certificate and key management).
– Secondary services (e.g. audit and underwriting).
– Value added services (e.g. to key generation/management).
– Services of strategic/organisational impact (e.g. TTP interoperation services).
D1.3 Architecture Specification Guidelines
Issues Studied
Review of the architecture techniques in the projects
– ABS
– GAIA
– MULTIMEDIATOR
– OSM
Architecture specification guidelines for Keystone
D1.3 Results: Architecture Guidelines
Maximal compatibility & extensibility
Maximal re-use of existing solutions
Orientation towards parallel processing
RM-ODP elements in the ETS Reference Model
GAIA approach as the basis for the TTP Functional Architecture
Attention to TINA and OMA as service frameworks
Current work
The focus is on the services of the TTPs and the PKI:
– Services link user requirements and PKI functions.
– Example scenarios in which services are used.
– Services examples: registration, certificate management, key management, etc.
Next steps...
Coming deliverables focus on:
– Functional specification.
– Reference model.
– Functional architecture.
– Environmental aspects.
– Technology evaluation.
– Integration.