1 / 12

Enabling Secure Electronic Commerce Applications Through PKI

NIST is developing PKI standards to support secure electronic commerce. PKI provides a secure, scalable method to distribute public keys for encryption, integrity, and authentication. NIST's industry partners are working together to achieve interoperable PKI products.

gvincent
Download Presentation

Enabling Secure Electronic Commerce Applications Through PKI

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Enabling Secure Electronic Commerce Applications Through PKI PKI Program Area Computer Security Division Information Technology Laboratory

  2. NIST is working with industry to develop PKI standards for interoperable COTS products that support secure electronic commerce.

  3. Public Key Infrastructure • Secure, scalable method to distribute public keys for encryption, integrity, and authentication • Uses two mathematically related keys • Private key is secret to the “owner” • Public key is widely available • Digital certificate “binds” owner to public key • Accepted infrastructure for secure electronic commerce

  4. NIST’s Industry Partners AT&T BBN CertCo Certicom Cylink Digital Signature Trust Dyncorp Entrust Technologies Frontier Technologies GTE ID Certify IRE MasterCard Microsoft Motorola Spyrus VeriSign VISA PKI product vendors PKI service providers

  5. Why NIST? • Conflicting PKI standards • Many options in standards • Products that select different options may not interoperate • Product vendors sought “honest broker” • Users sought standards to meet their security and interoperability needs

  6. Conflicting DRAFT PKI Standards Specifications Best DRAFT PKI Specifications PKI Standards Process

  7. Best DRAFT PKI Specifications MISPC DRAFT PKI Standards Process CRADA

  8. Fixed PKI Specifications MISPC Version 1 PKI Standards Process CRADA

  9. Reference Implementation MISPC Version 1 PKI Standards Process

  10. Xeti Entrust Trustpoint Baltimore Technologies Reference Implementation IBM PKI Standards Process

  11. CRADA Fixed PKI Specifications MISPC Version 2 NIST Research in New PKI Capabilities Interoperability Workshop Results PKI Standards Process

  12. Vendors Working from more consistent standards Working together to achieve interoperability Have larger market Users have access to More secure products Interoperable products Impact of NIST’s Efforts Improved overall security in electronic commerce

More Related