The OASIS IDtrust Member Section was formed in 2006, partly on top of the erstwhile PKI Forum and OASIS PKI Member Section, in response to an intensifying yet broadening interest amongst businesses and vendors in the topics of "identity" and "trust". In this we are probably paralleling the "Identity 2.0" movement.
Many organisations will feel the need to study or re-examine the deeper Fundamentals of Identity & Authentication, before moving onto specific project or implementation issues. This page sets out some of those fundamentals.
Some especially useful materials have been developed by commentators who have experienced the highs and lows (mostly lows) of PKI. See for example PKIX Chair Stephen Kent's presentations on PKI Directions and Challenges to PKI Development, which include deep insights into "trust" and the adequacy of a single identifier.
There are several policy approaches to authentication, in principle, which tend to vary from one jurisdiction to another according to political philosophy.
A common governmental approach to establishing ground rules for trust and identity in support of e-commerce is to lay out a risk-based framework that maps generic authentication solutions against the intrinsic security requirements of different types or classes. Several governments around the world have established generally technology neutral policy frameworks to assist in the selection and implementation of identity management and authentication solutions. Preeminent examples include the US, New Zealand and Australia; see Authentication Frameworks.
Many governments have invested further effort in establishing particular PKI based frameworks for authentication and trust (without going so far as to mandate PKI, thus leaving the way open for other technologies); see for example Canada's Policy for Public Key Infrastructure Management and Australia's Project Gatekeeper.
Yet some jurisdictions do enact technology-specific authentication regulations (at this time, they're always PKI based); examples include Malaysia, India, and the state of Utah (historically important as the first legislature to pass a prescriptive digital signature statute). See also Regulatory approaches to trust and identity.
Industry specific policy frameworks tend to be focused on a particular authentication technology, usually PKI.
The Australian IT Security Forum published a generalised security industry position on PKI in 2003.
See also our wiki page on vertical PKI schemes and associations.
Several comprehensive authentication infrastructures have been established around the world, in both the government and private sector, of varying degrees of comprehensiveness. Some are policy frameworks which seek to provide guidance to e-business implementers, while other infrastructures provide live services to help with authentication. Most of the latter today use PKI.
The frameworks mentioned below differ from vanilla commercial Certificate Authorities insofar as they seek to provide comprehensive support for transactions and for the implementation of transaction systems, usually in the specific context of a jurisdiction or industry sector.
Identity Management and Authentication Policy Frameworks
The US Government's main framework for selecting authentication technologies to match transaction requirements is its Electronic Authentication Guideline: Recommendations of NIST, Version 1.0.2
The US Personal Identity Verification (PIV) is more than a policy framework - it is a comprehensive new identity card system and suite of standards for federal government employees and contractors, driven by Homeland Security Presidential Directive HSPD-12. The peak standard is FIPS 201. See also About PIV and HSPD-12.
Australian Government Authentication Framework (AGAF)
Australian Government Authentication Framework for Individuals (AGAF-I)
New Zealand Authentication Programme
"Live" authentication services -- Government
Estonia runs a comprehensive national PKI based around its smart identity card, supporting many world's best practice G2C applications including document lodgement and e-voting.
"Live" authentication services -- Private Sector
Identrust (formerly "Identrus") is a PKI program and shared infrastructure service for the global banking sector. The level of "full service" PKI offerings from Identrust is continuously evolving; they offer more than a policy framework.
Pan Asia Alliance is a consortium of Certification Authorities operating according to a common set of policies and procedures that specifically support online documentation for cross border trade between member jurisdictions.
CableLabs is a peak body for the Cable TV industry, which operates a PKI for embedded device certificates.
There are three different types of electronic signature legislation worldwide, offering different degrees of legal certainty with respect to security technology, and fundamental trade-offs with respect to freedom of choice.
See also Survey of International Electronic and Digital Signature Initiatives by the Internet Law and Policy Forum (quite old now but an excellent starting point) and the excellent directory of e-commerce initiatives at the law firm McBride Baker & Coles.
While PKI has been feared by many as being inherently privacy invasive (see for example some of Roger Clarke's work), much work has been done to either manage and design PKIs to be safe with regards to privacy (see e.g. Australian Government PKI Privacy Guidelines) or to proactively enhance privacy using PKI technology (e.g. Privacy Positive Aspects).
"Interoperability" in authentication has come to be understood in terms of "tiers" variously described as ranging from low level "technical" interoperability to high level "business" or "application" interoperability. The idea of tiers and of an interoperability stack appeals to the very mature and almost universally adopted 7 level communications model of OSI.
While seamless interoperability may be a long way off, much good preparatory work has been done in the form of surveys and analyses of legal and other impediments. See:
OECD Authentication Survey - OECD "Summary of Responses to the Survey of Legal and Policy Frameworks for Electronic Authentication Services and E-Signatures in OECD Member Countries" Organisation for Economic Cooperation and Development 3 August 2004
Most activity so far has been expended in PKI circles.
See International Harmonization of Policy Requirements for CAs issuing Certificates of the European standards body ETSI.
A simple discussion of interoperability layers can be found at PKI Interoperability.
The Australian Payments Clearing Association has published its experience in Internet Based Payments Application - Trust and Digital Certificates which includes this gem:
“[PKI] interoperability is something of a will-o’-the-wisp. You think you understand what people mean by it, and then quickly realise that you don’t. In my experience, it’s possible when discussing interoperability to be at cross-purposes for all of the time. Interoperability between members of the same PKI is axiomatic. Certificates issued by one bank should be recognisable by another. Interoperability becomes an issue when it is between different PKIs … But this still leaves the basic question of interoperable in respect of what?”
The Asia PKI Forum and the APEC eSecurity Task Group have investigated interoperability extensively. Several publications are available:
Cross certification
Cross border trust within PKI frameworks has historically been attempted through "Cross Certification", which aims to demonstrate that two different CAs are producing certificates under comparable conditions so that their certificates may be regarded as equivalent.
The major challenge in cross certification is that the policy mapping involved is labor intensive and time consuming.
Bridge CAs
More recently, Bridge CA initiatives have catalysed the standardisation of key aspects of Certificate Policies, such as identification benchmarks. This has facilitated policy mapping to some extent, and now there are increasing numbers of PKI domains that have achieved cross certification.
See e.g. www.fbca.gov
Cross Recognition
Cross-certification establishes the equivalence of certificates from different PKIs, yet two users on either end of a transaction often assert different types of credentials (one might be a lawyer while the other is a doctor) in which case equivalence is moot. Moreover, one of the parties -- the receiver -- might not even have their own certificate and yet will still need to be able to ascertain the fitness for purpose of the sender's certificate.
Novel approaches to cross border recognition
Cryptographic algorithms are -- and should be -- subject to continuous, robust challenge. The ongoing integrity of today's algorithms must never be taken for granted.
As computers grow more powerful, brute force attacks on standard algorithms such as DES and RSA become more and more feasible within reasonable times and resource limits. Some years ago, the original DES algorithm with its effective key length of 56 bits was superseded by Triple DES (still popular in banking) and eventually by the "Advanced Encryption Algorithm" AES.
It is possible to put an upper limit on the useful longevity of cryptographic key lengths based on forecasting the growth in computing strength, assuming brute force is the only way to breach an algorithm. See www.keylength.com and the work by Lenstra and Verheul published at that site.
Of course, if "cryptanalysis" detects a flaw in an algorithm, then an attack by cleverer means than brute force becomes possible. Or more subtly, brute force attacks might be expedited by being able to restrict the search space.
The most topical cryptanalysis in recent years has been the work by Chinese researchers on the SHA-1 hash algorithm that is so central to most digital signatures today. See the presentation Cryptanalysis on SHA-1 and NIST's comments.
The state of SHA-1 is a crucial issue, and a work in progress. Few commentators have recommended any drastic action, but a measured transition to algorithms like SHA-512 and SHA-1024 seems prudent, in line with NIST advice.
Interested parties should keep an eye on the NIST SHA-1 project website.
Modelling, forecasting and measuring reasonable ROI is one of the most important challenges in any technology project. ROI in "security" related endeavours like identity management and "trust" is a notorious problem. Some like to consider security as a form of insurance, and as such a cost of doing business (or even a cost of staying in business!) rather than an active contributor to profitability. Others point to tangible business benefits enabled by identity management and seek to model those to establish ROI.
Certainly there is a range of approaches to evaluating ROI.
The OASIS PKI Technical Committee developed a detailed PKI ROI model and whitepaper which includes a novel digital certificate supply chain.
The OASIS PKIA TC work built on the preceding PKI Forum ROI whitepaper.
The Verisign and Blue Bridge whitepaper of 2002, ROI for PKI investment includes a particularly good, detailed examination of digital signature applications.
Assorted individual ROI case studies for PKI may be found on the web, including the very elegant experience of the US Patent Office PKI.
The following links were carried over from the old PKI Forum Resources.
Using Oracle/IAS with PKI - Dartmouth PKI Labs
Setting up the Cisco VPN 3000 Concentrator for PKI Authentication - Dartmouth PKI Labs
There are a great many introductions to PKI available online (and in text books).
Newcomers to the field should be aware that PKI has shifted ground subtly since the mid 00's, rendering older introductions a little staid and one dimensional. In particular, "PKI 101" materials tend to focus on e-mail as an archetypal application and the task of two strangers (cryptography's comic book heroes Alice and Bob) identifying and hence "trusting" one another. Modern PKI is more nuanced -- with a concern for credentials, qualifications and attributes rather than personal identity -- and involves a plurality of different certificates for different contexts. E-mail is not a great PKI application in practice; better examples are found in special purpose B2B applications and in embedded systems. See Case Studies.
The original PKI Forum (the forerunner to the OASIS IDtrust Member Section) produced two "PKI Basics" papers: A Technical Perspective and A Business Perspective.
See also Robert J. Brentrup, Public Key Cryptography Demystified, Campus Technology, 4/29/2003.
The American Bar Association has developed a useful Digital Signature Tutorial that crosses over between technology and the fundamental legal issues.
The basic idea of PKI -- which can be thought of as a coordinated suite of technologies, standards, management processes and agreements -- has led to numerous spin off approaches. Some like SPKI ("Simple PKI") have attempted to streamline the approach at the certificate protocol level. Others have deployed the basic elements in different form factors, such as wireless.
Smartcards are not strictly speaking a derivative of PKI (many would argue that smartcards pre-date PKI), but we cover them here under derivatives for two reasons. First, PKI has become prevalent as an integrated part of most modern smartcards, including banking cards, national ID, employee ID, and health & welfare. And second, the attractive features of on-chip key generation and integrated digital signing services make smartcards an increasingly important key medium in PKI.
SPKI (stands for "Simple PKI") was an effort, now defunct, to streamline traditional PKI.
The SPKI Working Group of the IETF worked in the late 1990s but was disbanded around 2001.
"The task of the SPKI working group [was] to develop Internet standards for an IETF sponsored public key certificate format, associated signature and other formats, and key acquisition protocols. The key certificate format and associated protocols [were] to be simple to understand, implement, and use. For purposes of the working group, the resulting formats and protocols [are] known as the Simple Public Key Infrastructure, or SPKI.
"The SPKI is intended to provide mechanisms to support security in a wide range of internet applications, including IPSEC protocols, encrypted electronic mail and WWW documents, payment protocols, and any other application which will require the use of public key certificates and the ability to access them. It is intended that the Simple Public Key Infrastructure will support a range of trust models."
In the view of this author at least, the sorts of things that need simplifying in traditional PKI are not related to certificate format or key acquisition protocols. Rather, it is the needless complexity of trying to create a legal basis for general purpose identity certificates, and "stranger-to-stranger" e-business that has made orthodox PKI so difficult. Embedded PKI, with focussed applications and usage agreements, has proven to be simple without the formal low level approaches anticipated by SPKI in the late 1990s.
Some important SPKI drafts include:
RFC 2692 - SPKI Requirements. The SPKI Working Group first established a list of things one might want to do with certificates (attached at the end of this document), and then summarized that list of desires into requirements. This document presents that summary of requirements.
RFC 2693 - SPKI Certificate Theory. This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested.
WPKI is simply the deployment of public key infrastructure using private keys and cryptographic functions in wireless devices, especially mobile phones.
WPKI standards were developed by the WAP (Wireless Application Protocol) Forum, until that group merged with the Open Mobile Alliance (OMA).
See also:
For a general overview of the context of e-signature governance, see Policy Frameworks.
A small set of representative e-signature regulation examples follow.
India: Information Technology Act - 2000
Note that Indian PKI laws prohibit chaining to offshore root CAs.
Malaysia: Digital Signatures Act - 1997
Hong Kong's Office for the Recognition of CAs
Directive 1999/93/EC of the European Parliament on a Community framework for electronic signatures
UK: Electronic Signatures Regulations - 2002
E-SIGN - Electronic Signatures in Global and National Commerce Act 2000
Australia: Electronic Transactions Act - 2000
New Zealand: Electronic Transactions Act - 2003
Singapore: Electronic Transactions Act - 1998
WebTrust for CAs - of the American Institute of Certified Public Accountants is a world-wide trust mark for CAs, derived from the AICPA's more general "Webtrust" program for e-commerce sites.
The UK's tScheme is an independent, not-for-profit company providing assessment of trust service providers against Approval Profiles, in accordance with European Union qualified e-signatures legislation.
Asia PKI Consortium (APKIC, formerly the Asia PKI Forum)
Taiwan's PKI Interoperability Management and Promotion Program
Banking sector: Identrust
Trade documentation (North Asia): Pan Asia Alliance
Pharmaceutical industry: SAFE Biopharma
Australian Tertiary Education Sector PKI Project
Cable Labs set top box PKI
Skype's Zero User Interface (ZUI) PKI (description by the Skype CSO)
US Federal PKI (FPKI Steering Committee)
Australian Government Project Gatekeeper
Open CA Labs (formerly the Open CA Project).
PKI Standards Work
The dominant PKI-related standards can be found at the following organisations and working groups.
PKIX - the public key working group of the IETF
IETF S/MIME Mail Security (see also the Internet Mail Consortium S/MIME site)
IETF Transport Layer Security (TLS)
IEEE Standards for Public Key Cryptography
ANSI X9.79 - Financial Industry PKI Standard
RSA PKCS standards series, most of which have moved into the public domain
NIST Federal PKI Technical Working Group (now inactive)
The chair of the IETF's PKIX Working Group once named these as the most important of their RFCs to do with public key security.
RFC3820 X.509 PKI Proxy Certificate Profile
RFC2560 Online Certificate Status Protocol - OCSP
RFC2527 X.509 Certificate Policy and Certification Practices Framework. Superseded by RFC 3647.
RFC3647 - X.509 Certificate Policy and Certification Practices Framework. Supersedes RFC 2527.
RFC2511 - Certificate Request Message Format
RFC2797 - Certificate Management Messages over CMS
RFC3039 - PKI Qualified Certificates Profile
RFC3161 - Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)
RFC3281 - An Internet Attribute Certificate Profile for Authorization.
See Digital Notary Case Study from the OASIS PKIA TC.
BACSTEL-IP Secure Payment Submission Case Study - The UK payments clearing house BACS built one of the largest PKIs in the banking sector. From the Thales case study:
"BACS (Bankers Automated Clearing System), the UK ACH service, is one of the largest and most successful money transfer organisations worldwide. Its Direct Debit and Direct Credit services process over 60m payment items in a busy day, on behalf of over 100,000 UK businesses. BACSTEL is the access mechanism used for submission of all of these payment instructions. It has been operating for over 20 years with superb reliability and efficiency, consistently exceeding all operation targets. However, the infrastructure of BACSTEL is now aging rapidly, proving more expensive than more modern alternatives to operate and lacking the flexibility to support new, innovative services.
"As the first phase of its ambitious 5 year technology renewal programme, NewBACS, BACS has introduced a replacement for this access network, called BACSTEL-IP. Rather than opting for a conservative, direct replacement strategy, BACS has developed a truly innovative solution, using state of the art security technology to deliver a platform for dramatic improvements in the services offered to business users, substantial cost savings and, perhaps most important of all, the delivery of advanced new payment services to keep the UK at the forefront of electronic commerce developments."
Technology Overview and Updates Presentation by the Mortgage Bankers Association of America 2006, emphasising the importance of e-signatures and PKI.
See also Identrus, the worldwide private PKI for the banking industry.
See also Health eSignature Authority Case Study and the ClinPhone Clinical Studies Software Case Study from the OASIS PKIA TC.
Smart Patient Data - Case study report from a partly government funded R&D project. Smart Patient Data is a simple, user friendly and secure system that uses Public Key Infrastructure and secure tokens to access records and share patient summaries over the Internet.
Business Planning for Healthcare Enterprise PKI - A slide deck from Ann Geyer and Bill Pankey, Tunitas. See also Tunitas' Healthcare PKI pages.
US Healthcare PKI Note - An original PKI Forum white paper, March 2001.
Report: EDUCAUSE - NIH PKI Interoperability Pilot Project
Peter Alterman, Russel Weiser, Michael Gettes, Kenneth Stillson, Deborah Blanchard, James Fisher, Robert Brentrup, Eric Norman
"Under mandate to adopt broad electronic business methods by October, 2003, Federal Agencies are working hard to figure out ways to put their business on-line in a way that is secure. A leading contender to make e-government secure and trustworthy is public key cryptography. At the same time, farsighted institutions of higher education have been busy deploying PKIs and issuing digital certificates to their faculties and staffs to enable secure, electronic business with the government and with each other. These institutions wish to use their locally issued digital credentials to do electronic business with the government securely. The NIH, in turn, wishes to be able to rely on business partner issued digital credentials, thereby avoiding the cost and administrative burden of issuing and managing electronic credentials. NIH and EDUCAUSE jointly constructed a PKI interoperability pilot project that demonstrated the ability of the Federal Government to receive electronic forms signed with digital certificates issued by institutions of higher education."
21 CFR Part 11 Electronic Records; Electronic Signatures - Food & Drug Administration
PKI Concerns In Healthcare Settings - Kaiser Permanente, 2000
This Tunitas report discusses issues regarding Public Key Infrastructure (PKI) implementations in healthcare settings. It is based on the experience of Kaiser Permanente during preliminary design of an Enterprise PKI for multiple applications.
Issues addressed include:
• Technical and operational PKI interoperability between healthcare providers, partners, affiliates, and patients.
• Privilege management in healthcare
• Long-term storage of electronic medical records.
See also the Tunitas Group's Perspectives on Information Technology for the Health Care Industry at health PKI.
US Dept of Defense PKI Homepage
Canada: Policy for Public Key Infrastructure Management in Canada.
Advances and Remaining Challenges to Adoption of PKI - United States General Accounting Office Feb 2001
What Governors Need to Know About E-SIGN - National Governors Association, 2000
Guidance on Implementing the ESIGN Act - Office of Management and Budget 2000
US Government Smart Card Handbook - US General Services Administration
FDIC deploys smart cards and PKI -
An Overview of Public Key Certificate Support for Canada's Government On-Line - Mike Just, Treasury Board of Canada, 2003, presented to the 2nd Annual PKI Research Workshop
See also NASA PKI case study.
Australian Access Federation (AAF) "will develop and deploy an infrastructure to facilitate trusted electronic communications and collaboration within and between higher education and research institutions both locally and internationally as well as with other organizations, in line with the NCRIS objective of providing researchers with access to an environment necessary to support world-class research".
See also Australian Access Federation PKI Deployment.
PKI: A Technology Whose Time Has Come in Higher Education - Peter Alterman, EDUCAUSE July 2004
EDUCAUSE - NIH PKI Interoperability Pilot Project - Peter Alterman et al 2002. A paper presented to the 1st Annual PKI Research Workshop at Dartmouth College April 2002
EDUCAUSE PKI Interoperability Project - Electronic Grant Application With Multiple Digital Signatures, Peter Alterman 2002
PKI Workshop Summary and Recommendations - Burton Group 2002. The Burton Group was retained by Cornell University to conduct a workshop into Cornell's enterprise PKI requirements and develop a set of recommendations.
A number of mechanisms apart from PKI may be used to authenticate people and entities online.
Biometrics is often referred to as "three factor" authentication, referring to the objective of establishing not only what you know and what you have, but also (or instead) what you are.
Biometric technologies at a glance
CURRENT BIOMETRICS
Fingerprint
Iris scan
Hand scan
Voice print
OBSOLETE BIOMETRICS
Retina Scan
Signature Dynamics
NEW BIOMETRICS
DNA
Gait
Hybrid / Fusion methods
Relationship with other trust technologies
Biometrics PKI Note
"Authentication can be performed with three approaches: knowledge factor (something the individual knows), possession factor (something the individual has), or biometric factor (something physiologically unique about the individual). Biometric technology uses a measurable biological or behavioral characteristic to reliably distinguish one person from another. Biometrics can enhance PKI technology, and, symbiotically, PKI technology can secure biometric technology. These PKI Notes discuss the basics of biometric technology and its synergistic combination with PKI technology".
Will Biometrics Obsolete PKI? A Special Report June 2001 American Bar Association, Bulletin of Law/Science & Technology.
This short paper discusses unique properties of PKI not provided by biometrics, including the ability to revoke when compromised, persistent signatures, and the ability to build open authentication systems.
While not as popular as public key methods, there are strong mechanisms for establishing authenticity through symmetric cryptography. If Alice and Bob know they have a reliable and unique shared secret (symmetric) key, then the ability for either of them to sensibly decrypt a message with that key provides strong evidence that the encrypted message came from the other party. Defence methods like the Fortezza card use symmetric authentication in this way.
Setting aside the fact that smartcards and other cryptographic devices constitute "two factor" authentication, the term is often used to refer to a large class of personal authentication devices that generate a pass phrase or other login code, used to access online resources. There are three important sub-classes:
Time Synchronised One Time Password: every thirty seconds or so, the device generates a fresh pseudo random one time password. The pseudo random number generator is seeded uniquely for each specific device.
Event Based One Time Password: Again, a pseudo RNG generates one time passcodes in sequence, but instead of doing so automatically and periodically, the event based OTP requires a button to be pressed. It is therefore an electronic version of the "Transaction Authentication Number" (TAN) card. An attempt to standardise the interoperability of this important class of devices has been organised by the OATH initiative.
Challenge Response device: usually resembles a small hand-held calculator, into which a challenge code is typed, which is cryptographically transformed into a unique response code, using keys unique to each specific device.
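The three device classes above can be compared side by side in code. The following is an added example, not part of the original wiki page: it uses HOTP (RFC 4226) and TOTP (RFC 6238), the algorithms published through the OATH initiative, as one concrete realisation of the event based and time synchronised classes, and a simplified HMAC challenge-response that is an assumption for illustration rather than OATH's OCRA. The device keys, function names and window sizes are constructed for the example.

```python
"""Added illustration of the three token classes described above.
Not code from the original page; keys and challenges are constructed samples."""
import hashlib
import hmac
import struct

# Published RFC 4226 test secret, standing in for one device's unique seed.
DEVICE_A_KEY = b"12345678901234567890"
# Constructed key for a second device (assumption, for contrast only).
DEVICE_B_KEY = b"constructed-key-for-device-B"


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """Event based OTP (RFC 4226): the code depends on a press counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation picks 4 bytes of the MAC
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(key: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Time synchronised OTP (RFC 6238): the counter is the 30 s time step."""
    return hotp(key, int(unix_time) // step, digits)


def verify_hotp(key, submitted, server_counter, look_ahead=3):
    """Return the next server counter if the code is accepted, else None.

    The look-ahead window tolerates button presses that were never submitted.
    The counter only moves forward, so an accepted code cannot be replayed.
    """
    for counter in range(server_counter, server_counter + look_ahead + 1):
        if hmac.compare_digest(hotp(key, counter), submitted):
            return counter + 1
    return None


def verify_totp(key, submitted, unix_time, last_step=-1, drift=1, step=30):
    """Return the accepted time step, or None.

    Codes from +/- `drift` steps are accepted to absorb clock skew; steps at
    or before `last_step` are refused so each code is usable once only.
    """
    now = int(unix_time) // step
    for candidate in range(now - drift, now + drift + 1):
        if candidate > last_step and hmac.compare_digest(
                hotp(key, candidate), submitted):
            return candidate
    return None


def challenge_response(key: bytes, challenge: str, digits: int = 8) -> str:
    """Simplified challenge-response token: truncated HMAC-SHA256 of the
    typed challenge under the device key (illustrative, not OATH OCRA)."""
    mac = hmac.new(key, challenge.encode(), hashlib.sha256).digest()
    return str(int.from_bytes(mac[:4], "big") % 10 ** digits).zfill(digits)


if __name__ == "__main__":
    # Event based: user pressed the button three times, submits the third code.
    code = hotp(DEVICE_A_KEY, 2)
    print("HOTP accepted, next counter:", verify_hotp(DEVICE_A_KEY, code, 0))
    # Time synchronised: code generated at t=59 s, checked 16 s later.
    code = totp(DEVICE_A_KEY, 59)
    print("TOTP accepted at step:", verify_totp(DEVICE_A_KEY, code, 75))
    # Challenge-response: same challenge, different devices, different answers.
    print(challenge_response(DEVICE_A_KEY, "493021"),
          challenge_response(DEVICE_B_KEY, "493021"))
```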
Symmetric Key Management Systems address the need to improve the way that enterprises manage symmetric keys over their lifecycle.
There is a new interest on the part of many companies in the management of symmetric keys used for encrypting sensitive data in their computing infrastructure. While there has been plenty of standardisation activity for many years around asymmetric key management, symmetric keys have been traditionally managed by applications doing their own encryption and decryption. There is as yet no architecture or protocol that provides for symmetric key management services across applications, operating systems, databases, etc.
Key management needs to be addressed by enterprises in its entirety — for both symmetric and asymmetric keys. There are many industry standards and protocols for life-cycle management of asymmetric (i.e. public/private) keys, including PKCS10, PKCS7, CRMF, and CMS.
An objective of SKMS is to establish standards that describe how applications may request similar life-cycle services for symmetric keys from a server, and how public-key cryptography may be used to provide such services.
See in particular, the OASIS Enterprise Key Management Infrastructure (EKMI) Technical Committee.