Digital Trust: Goals and Obstacles - PowerPoint PPT Presentation

1 / 37
About This Presentation
Title:

Digital Trust: Goals and Obstacles

Description:

Make legal dependence on email or other digital documents ... Digital signatures ... Framework for recognition of digital notary services (e-notaries) ... – PowerPoint PPT presentation

Number of Views:617
Avg rating:3.0/5.0
Slides: 38
Provided by: downloadM
Category:

less

Transcript and Presenter's Notes

Title: Digital Trust: Goals and Obstacles


1
Digital Trust Goals and Obstacles
  • Rafal Lukawiecki
  • Strategic Consultant, Project Botticelli Ltd

2
Objectives
  • Introduce the concepts
  • Discuss the difficulties and major issues
  • Overview available technology
  • Explain why governments and larger public
    organisations play a special role in this field

3
Session Agenda
  • Digital Trust Concepts
  • Prerequisites
  • Issues with PKI
  • Trusted Time Stamps
  • Privacy and DRM
  • Conclusions

4
Digital Trust Concepts
5
Defense in Depth
Policies, Procedures, Awareness
Physical Security
Data
Application
Host
Internal Network
Perimeter
6
Why?
  • Unlike in the paper-based world, concluding
    transactions on-line cannot rely on handwritten
    signatures and human instincts of trust
  • Traditional signatures are easy to repudiate
  • Its difficult to judge trustworthiness by
    looking at a web site
  • Privacy need is often ignored
  • Authentication is nearly impossible

7
What is Digital Trust?
  • Informally characteristic of a computerised
    environment that has benefits of trust equivalent
    to that of paper-based world
  • Brutally In paper we trust, computers we dont
  • Formally too early to define

8
Impact of (the Lack of) Digital Trust
  • Today, in practice, we still cannot
  • Make legal dependence on email or other digital
    documents
  • Have a reliable and auditable electronic voting
    system
  • Trust online presence of unknown companies
  • Negotiate contracts online
  • Properly protect against malware and viruses

9
Example Failure of PKI
  • Although many organisations have built PKI they
    still fail to be using digital signatures on more
    than experimental basis
  • Economically, security and lack of trust is
    costing a lot, so, has PKI failed?
  • No. PKI is fine, but not enough. We need to build
    a foundation of digital trust.

10
Building Digital Trust
  • Digital trust requires a combination of
  • Identity authentication by multiple means
  • Privacy protection
  • Federated trust between organisations
  • Digital signatures
  • In addition to technology, we require
    governmental, judicial and police support

11
Prerequisites
12
Legal Requirements
  • The basic legislative support includes needs for
  • Legal recognition of digital signatures
  • Protection of data privacy
  • Framework for recognition of digital notary
    services (e-notaries)
  • Framework for mixed-trust situation where paper
    and digital trust are intermixed
  • Existence of one or more accepted identity means
    (IDs)

13
Todays Problem
  • Even if you have legally recognised digital
    signatures (all EU countries do) the following
    are still a problem
  • Someone creates a digitally signed document,
    which is then passed through a chain to someone
    who only uses paper-based signatures
  • Not everyone can (or wants to) provide digital
    signatures
  • Some transactions involve a mixture of paper and
    digital signatures
  • Solution? E-Notary Services (see later)

14
Crossing Contexts
  • Digital Trust really must be trust across
    digital and traditional environs
  • Perhaps we should call it Universal Trust?
  • Your software verifies a digital signature
  • You trust it good!
  • You print the report nice!
  • You give the report to someone. Should it be
    trusted?
  • NO!
  • Unless you stamp it, sign it and, perhaps have a
    witness and a notary

15
Technical Requirements
  • At overall organisational (or governmental)
    level, the following should be created or
    officially recognised
  • Public Key Infrastructure (PKI)
  • Identity credentials format and management
  • Trusted time-stamping service for digital
    signatures
  • This can be delegated to an e-notary service
    provider

16
Issues with PKI Identity
17
PKI
  • Your PKI should be technically integrated into
    the widely used internet browsers (Internet
    Explorer etc.)
  • Otherwise, security can (and has been) exploited
    leading to loss of trust by the public
  • This is a difficult process
  • World-wide inclusion ()
  • Subordinate of know CA (politics)
  • Own CA (distribution problem)

18
Internal PKI
  • If you are only concerned with the trust within
    your organisation, the task of building PKI is
    easy
  • Even easier if you integrate PKI with Active
    Directory
  • Auto-enrolment for initial provisioning
  • Certificate Services for ongoing management
  • Especially easy using Windows Server 2003

19
PKI with Partners
  • Sharing recognition of your PKI with selected
    other organisations is easy
  • Mutually cross-sign your root or OU certificates,
    or,
  • Install on all clients your partners root
    certificates
  • Recognising your PKI outside of those groups is
    far more difficult

20
Identity Credentials Format
  • It is a pre-defined textual, X.500 and binary
    representation of identity data
  • Name, date of birth etc.
  • It should be consistently used
  • Across governmental and organisational PKI
  • Inside electronic IDs based on smartcards
  • Optionally, subject to any privacy debates, it
    may contain a unique ID of the entity (employee,
    citizen, company etc.)
  • This is not necessary for digital trust, but it
    allows for tighter verification across
    governmental departments
  • Inevitably, it can lead to erosion of privacy

21
Trusted Time Stamps
22
The Time Problem
  • Scenario
  • Document is signed on 1 Jan 2005
  • Signatory loses the signing key on 1 Feb 2006
  • Is the signature valid or invalid?
  • Additional problem
  • Anyone can wind back the clock on their
    computer
  • Solution?

23
Trusted Time-Stamping Service
  • As certificates are revoked due to their loss, or
    eventually expire, digital signatures cannot be
    allowed to suddenly become invalid
  • A Trusted Time-Stamping Service can provide a
    digital signature containing date and time
  • Certifying that a certain a document has been
    signed while the signatorys certificate was
    valid
  • Otherwise, it is easy to repudiate signatures in
    the future, cancelling validity of contracts etc.

24
XAdES
  • XML Advanced Electronic Signatures
  • W3C Specification
  • Implements directive 1999/93/EC of the European
    Parliament and of the Council of 13 December 1999
    on a Community framework for electronic
    signatures" EU-DIR-ESIG
  • Microsofts BizTalk Server implements this
  • Implements Time Stamp Authority concept
  • Provides for really usable signatures
  • Adopt it
  • Legally
  • As services

25
XAdES Signature Types
  • XAdES formalises 6 types of signatures and
    specifies roles and their responsibilities
  • It builds on XMLDSIG in following ways
  • XML Advanced Electronic Signature
  • XML Advanced Electronic Signature with Time-Stamp
  • XML Advanced Electronic Signature with complete
    validation data
  • XML Advanced Electronic Signature with eXtended
    validation data
  • XML Advanced Electronic Signature with eXtended
    validation data incorporated for the long term
  • XML Advanced Electronic Signature with archiving
    validation data
  • www.w3.org/TR/XAdES/

26
E-Notary Services
  • Solution for earlier problem of Crossing Trust
    Boundaries
  • Electronic notary services allow co-existence of
    paper-based and digital trust
  • Additionally
  • Provide trusted time-stamps
  • Issue and revoke certificates
  • Assist in distribution of electronic IDs

27
Word About Archiving
  • Archiving paper-based documents digitally is
    important
  • Need for trusted 3rd party access and management
    of stored documents to cross digital/paper border
  • E-Notaries can be archivists

28
Privacy and DRM (Digital Rights Management)
29
Privacy and Trust
  • Relationship between trust and privacy is age-old
  • Unfortunately, in the digital world privacy is
    being eroded and rarely is it well protected
  • This may be a limiting factor in adoption of a
    wider, publicly oriented digital trust system

30
More About Privacy
  • Widespread support for encryption will stimulate
    more confidentiality in the digital world
  • Today, it is as if everyone was sending postcards
    without envelopes
  • P3P (Privacy Protection Protocol) provides some
    limited technology today
  • WS-Privacy etc. will provide more
  • Still insufficient!

31
Possible Privacy Solution
  • Legislation needed that makes it illegal to store
    (and maybe process) data records that do not have
    a digital signature of the citizen they relate to
  • Each privacy-enabled record contains
  • Expiration date
  • Allowed/prohibited uses of data
  • Ex. Not for marketing email, Do not pass to
    3rd parties, For credit reference only, etc.
  • Digital signature of the original data issuer
  • If there is an alleged breach, the injured party
    requires the record to be handed over by the
    alleged abuser
  • Digital signature must be present if not,
    prosecute the abuser
  • Purposes marked in the record must be observed
    if not, prosecute the abuser

32
Relationship with DRM
  • Digital Rights Management (DRM) is a specific
    application of digital trust
  • Entrust the computer with your documents life
  • Reasonable prevention of printing, copying,
    forwarding etc.
  • Can be used to greatly increase privacy
  • In the future there may be a convergence of the
    technologies used for signing with DRM
  • Unlikely for a while

33
DRM Cannot Do Everything
34
Conclusions
35
Technology Support
  • Microsoft has the following technologies for
    building digital trust
  • Certificate Services (part of Windows Server
    2003)
  • For building PKI
  • For issuing and revoking certificates
  • For building a time-stamping service
  • Identity Integration Server
  • For building trust between identities issues by
    different organisations (federation)
  • BizTalk Server
  • For automating processing of digitally signed
    documents, including XAdES support
  • WS-Federation, WS-Trust, and WS-Privacy for trust
    across web services

36
Conclusions
  • Building Digital Trust in closed-context
    boundaries (within a company etc.) is possible
    today and perhaps worthwhile
  • Expecting Digital Trust in open-context to
    co-exist with your system is a long-term goal
  • Very unlikely to be achievable in less than 3-7
    years in my opinion
  • Todays deployed IT is far less trustworthy than
    it seems
  • Next few years will present numerous examples of
    highly visible, expensive and embarrassing
    breaches of trust
  • Understanding digital trust is a good step to
    become more trustworthy

37
Suggestions
  • Evaluate your trust exposure and expectations
  • Make a business case for an environment with
    digital trust enabled
  • If needed, deploy
  • PKI, Identity Management, and Time-Stamp Service
  • Think of building an internal e-notary
  • Test and evaluate
  • Extending your internal digital trust across
    boundaries to partners and customers
Write a Comment
User Comments (0)
About PowerShow.com