DigiCerts and DigiID in Enterprise apps. So yesterday and so tomorrow.

Martynas Savickas

Types of digital certificates:

Certificate Authority (CA) certificatesServer or client certificatesObject signing certificatesUser certificates

Speed! Automation!

Do more with less! Automation!

Cost reduction! Automation!

Increase performance! Automation! Innovation! Automation!

Value!

Business needs 2015, 2016, 2017… 2XXX

Speed! Automation!Do more with

less! Automation!

Cost reduction! Automation!

Increase performance! Automation! Innovation! Automation!

Value!

InfoSec needs 2015, 2016, 2017… 2XXX

IntegrityConfidentialityNon repudiationAccess control+ Fight and pushback all

this stuff

Business processes @ applications

Digi ID & Digi Sign covers:

Integrity [checked]

Confidentiality [checked]

Non-repudiation [checked]

Encryption costs close to nothing. Encrypt and let cavalierly rest.

Goals? Sure. Compliance to: - standards- data classification requirements- data privacy

Any InfoSec will fall in love with end to end encrypted APP!

Data exchange is easy… until you hit into InfoSec (the one who thinks he is A Cavalierly) …

Digi Sign The document market.

What market?

ADOC [GGeDOC; GeDOC; BeDOC; CeDOC;] - LithuaniaBDOC – current Estonian official format… DDOC - Legacy Estonian formatEDOCs – current Latvian official format… PDF – this is just real simple pdf…

Containers

ASiC Simple (ASiC-S). Single file object with either one signature file or one time assertion file.ASiC Extended (ASiC-E). Each signature is associated with all or part of the files in the container

What if I do not trust online DigiSign services?

I really don’t!

Digi ID and Digi Sign hardware tokens advantages and disadvantages:

Smart ID [Chip on smartcard]

Mobile ID [SIM card]

Token ID [USB token]

And what if we try to change the world?

Once again.

Adopt it in Enterprise apps and give me some

SECURITY AUTOMATION!

Thank You!

Q/A‘s