A Secure Internet NACRC Property Records Industry Association PowerPoint PPT Presentation

presentation player overlay
1 / 28
About This Presentation
Transcript and Presenter's Notes

Title: A Secure Internet NACRC Property Records Industry Association


1
A Secure Internet NACRC Property Records
Industry Association
2
Todays Agenda
  • Introduction
  • Internet 101
  • Terms and Definitions
  • How Does the Internet Work?
  • Who Oversees Standards
  • Discussion of Security
  • Break
  • How we use Internet Today
  • Applications in Local Government

3
Magnitude of the Internet
  • Over 46.5 million households on-line
  • Expected to grow to over 90 million households by
    2004
  • 2.8 trillion B2B e-commerce by 2003
  • Over 12 billion e-mails per day
  • Massive process re-engineering underway

4
Whats Required for All This to
Happen?
  • We must answer the question
  • Is the internet secure?
  • This is really three questions
  • Is the internet plumbing secure?
  • Who are we doing business with?
  • Will they perform?
  • At the end of the day, it is about Security and
    Trust!

5
Terms
  • Internet Protocol (IP)
  • Protocol used to communicate across network
  • IP Address 255.255.22.12
  • Domain Name NACRC.org
  • Assigned by Registrars
  • Public Key Infrastructure
  • SSL Secure Socket Layer
  • Identity Credential

6
How Does the Internet Work
  • Small (private) networks connected to create very
    large open network
  • Unique Addresses Assigned
  • IP Addresses 255.255.22.11
  • URL Uniform Resource Locator
  • www.yahoo.com
  • Eliminates Conflicts

7
Setting Standards-IP Addresses
An identifier for a computer or device on a
network. Networks route messages based on the IP
address of the destination. The format of an IP
address is a 32-bit numeric address written as
four numbers separated by periods. Each number
can be zero to 255. For example, 1.160.10.240
could be an IP address. Within an isolated
network, you can assign IP addresses at random as
long as each one is unique. However, connecting a
private network to the Internet requires using
registered IP addresses (called Internet
addresses) to avoid duplicates.
8
Setting Standards-IP Addresses
  • The four numbers in an IP address are used in
    different ways to identify a particular network
    and a host on that network. Three regional
    Internet registries -- ARIN, RIPE NCC and APNIC
    -- assign Internet addresses from the following
    three classes.
  • American Registry for Internet Numbers. ARIN,
    founded in 1997, is a non-profit organization
    that registers and administers IP numbers for
    North America, a portion of the Caribbean and
    sub-Saharan Africa. ARIN is one of four regional
    Internet registries.
  • Class A - supports 16 million hosts on each of
    127 networks
  • Class B - supports 65,000 hosts on each of 16,000
    networks
  • Class C - supports 254 hosts on each of 2 million
    networks

9
Setting Standards - Domains
10
Setting Standards Others
  • National Institutes of Standards and Technology
    (NIST)
  • Set technical standards for PKI
  • Federal PKI Steering Committee
  • Set Policy Standards for Authentication
  • Help Application Owners determine identity
    credential needs
  • PIN and Password
  • Digital Certificate (PKI)
  • http//www.cio.gov/fpkisc/

11
Internet Security-SSL
  • Secure Socket Layer (SSL)
  • Allows pipe to be encrypted
  • SSL Certificate (VeriSign, DST) Resides on the
    Web Server
  • Standard Browsers support it today
  • Can Help Prevent Web Site Spoofing
  • Also Protects Information Being Submitted to a
    Web Site
  • Personal Information
  • Credit Card Numbers

12
Why Are We Concerned
  • Prevent Web Site Spoofing
  • Maintain Integrity
  • Trust of Constituency
  • Who are we doing business with?
  • Protection for both sides
  • Credit Card Fraud on the Internet is a 2.5B
    problem annually
  • Identity Theft results in millions lost each year
  • Identity is the most basic element in a
    high-value relationship (FPKISC)

13
Standard Connection (Non-SSL)
HTTP//www
No encryption between the web server and the end
users browser. Information can be seen.
No Padlock
14
Secure Connection-SSL
HTTPS//www
Encryption between the web server and the end
users browser ensures that information can be
seen.
Padlock
15
Internet Security Identity
  • Application Processes Credential
  • Access Control
  • Allow user to access sensitive information based
    on credential
  • Electronic Signatures
  • Click Wrap Agreement
  • Entering a PIN or Password
  • Digital Signature

16
Internet Security Identity
  • Identify Incoming Users Based on Policies
  • Self Service
  • Government
  • Financial Institutions
  • Assign Identity Credential
  • PIN, Password, SecureID Token
  • Digital Certificate, Biometric

17
  • End of Part I

18
Technology Vs. Trust There Is a
Difference
  • Technology and trust are different
  • Natural technology providers
  • Hardware and software providers
  • Natural trust providers
  • Government
  • Financial Institutions
  • Physical Security Technology
  • Trust Policies and Procedures

19
Applications E-anything
  • Secure access control
  • E-Filings
  • E-Mortgages
  • On-line loans
  • E-letters of credit
  • Push e-mail
  • Smart cards
  • B2B exchange services
  • E-checks
  • Digital signatures
  • Strong authentication
  • Attributes

20
What Is The Legal Status of Electronic
Signatures?
  • UETA Bill passed by most states
  • E-Sign legislation signed July 1st, 2000
  • E-contracts, records and notifications are valid
  • Electronic Signatures Are
  • Click Electronic Wrap Agreement
  • Entering a PIN
  • Digital Signatures

21
How This Affects Government
  • Security and Trust
  • Standards for Web Site Protection
  • Privacy Policy
  • 128-bit SSL Certificate
  • Need for Authentication
  • Who are we dealing with?
  • Can I trust that site? That Person?
  • HIPAA Patient Identifiable Info
  • Privacy- Protection of Entities

22
What Theyre Doing About It
  • Federal Government
  • E Authentication Gateway
  • Pins
  • Digital Certificates
  • Combination of Both
  • ACES Program
  • Digital Certificates (SSL, Identity)
  • States can Participate!!
  • http//www.cio.gov/fpkisc/

23
What Theyre Doing About It
  • Federal Government
  • Federal Bridge CA
  • Allows Government and Corporate Entities to cross
    certify with Federal Bridge so credentials can be
    accepted across programs
  • Interoperability Mechanism

24
What Theyre Doing About It
  • Mortgage Bankers Assoc
  • Accreditation Body
  • Certificate issuers are certified to issue
    credentials that are approved by the MBAA
  • Counties, Mortgage Banking, etc can rely upon
    them
  • Interoperability Mechanism

25
What Theyre Doing About It
  • Local Governments
  • Determine Needs
  • Collecting Information?
  • Accepting Credit Cards?
  • Concerned about Frauds
  • Reputational Risk
  • SSL Certificate for Protection

26
What Theyre Doing About It
  • Local Governments
  • Determine Needs
  • Verify Identity
  • Electronic Signatures
  • Proof of Transaction
  • PIN, Password, Certificate

27
Q A Session
28
Contact Information
  • Karen West
  • Vice President
  • Digital Signature Trust
  • 255 N Admiral Byrd Road
  • Salt Lake City, UT 84116
  • Kwest_at_trustdst.com
  • (801) 326-5422
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2026 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The : "A Secure Internet NACRC Property Records Industry Association" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!