Central Data Exchange and The Cross-Media Electronic Reporting and Recordkeeping Rule (CROMERRR)
Office of Environmental Information, USEPA
Presented by Matt Leopard
Presented to NGA State-EPA Forum at Charleston, SC, January 9, 2001

Today’s Topics
• CDX (Brief Overview)
• CDX Approach to Addressing CROMERRR
• Discussion

CDX Features:
• Multiple Submission Venues -> One Submission Point
• Supports “Mass Customization”
  • Flexibility of submission formats (Web, XML, EDI)
  • Tailors submissions to specific customer
• Uniformity Across Functions
  • registration, receipt, archiving, distribution, customer services, security
• Leverages:
  • Widely-accepted PKI approach
  • Open Standards (XML, EDI)

Central Data Exchange
Supported:
• EPA reports that:
  • Require signature
  • Do not require signature
• Can accept HTML, XML, Flat and EDI files that EPA has endorsed
• Currently supporting TRI, Air emission inventory, PCS/IDEF and drinking water exchanges, retooling CDX exchange process for DMRs
• Eventually expand ER across all EPA collections
Not Supported:
• Multiple Digital Signature Software Solutions
• HTML, XML, EDI, or flat file formats not accepted by EPA
• EPA Confidential Business Information (not yet)
• Encryption Software Solutions (not yet)
• CBI Applications not currently “supported” (these may include certain FIFRA, TSCA, Acid Rain and other reports)

CDX Processes:
• Registration
  • CDX registration
  • Certificate Authority registration
• Routine Submission of Forms
• Renewal

CDX Data Flow - Web: digital signature with copy of record
[Diagram. Note: User computer denotes interactions with CDX via web forms. Labeled elements: Logon via SSL (HTTP/HTTPS); database for user access (mailbox/profile validation for ID and password); CDX Welcome (generic page for all users, help, how-to etc.); Virus Scan; My CDX Custom Menu (choose form, edit/enter data, sign and submit); pre-population look-up database; certificate/signature validation; Certificate Arbitrator Module (CAM); Certificate Authority (CA); Certificate Revocation List (CRL); Archive 1, Archive 2 (digital signature information is saved), Archive 3, Archive 4; Translate/Parse Data; EPA Staging Server; official copy of record in PDF with EPA signature to Submitter. CDX messages shown: invalid logon/ID, invalid certificate/signature (call CDX for help), ack or ack + virus detected, failed translation/parsing.]

Renewal Process
• Requires users of the system to renew with CDX every two years:
  • Must sign agreement with CDX that:
    • have not in any way compromised or delegated access to private key
    • no other evidence that any of these items (password, desktop software, account) have been compromised
  • Must also verify certificate with EPA’s CA

CDX Approach to Key Issues
David Schwarz, USEPA

How is Submitter Identified?
Key Features:
• Registration uses “Two-pronged approach”:
  • “In-house” Pre-screening by EPA through Registration Process
  • “EPA independent” identity proofing of individual by Certificate Authority (CA)
• Requires “Wet-Ink” signature on Signature Agreement and Renewal Agreements
• During routine submission:
  • CDX user identified by account password issued by CDX
  • “Digitally signed” submissions verified by EPA’s CA

How is the Signature Bound to the Submission?
Key Features:
• Data for signature is posted to user’s CDX web account in “human readable” web form regardless of original format of data received (XML, EDI, flat).
• When user is ready to sign form, must:
  • Agree to “Truth and Accuracy Statement” pop-up
• Digital signature is applied to “format and content” of web form viewed
• Signed data stream is transmitted through an encrypted SSL session.

How is the Signature Protected Against Unauthorized Use?
Features:
• Signature can only be generated by:
  • accessing CDX account on EPA’s system
  • accessing private key on the user’s desktop system
  • accessing CDX software on user’s desktop
• Software, private key cannot be shared with network or copied to another system
• “Web” of out-of-band exchanges (acknowledgments, copy of records, etc.) provides means of detecting compromise

How is the signer made aware of the commitment he is bound to?
• Initial “Wet Ink” Signature Agreement
• “Reminders” during use of system:
  • Upon logging onto/off user’s CDX account
  • Upon invoking digital signature
  • Through receipt of acknowledgements, copy of records
• Must “renew” agreement every two years

How is data protected in transit? In storage?
• “Digitally signed” data are submitted to EPA through SSL session with CDX
• Password authentication, integrity checking and signature verification performed at CDX
• Four-step archiving process captures “Snapshot” of signed data as it is received, authenticated, translated and presented back to user as copy of record.

The “Copy of Record”
• What is it?
  • electronic document as it was signed
  • the verified digital signature affixed
  • the date and time of receipt
  • and EPA’s digital signature of the entire content
• Admissibility of Copy of Record
  • Must demonstrate authenticity of record and source
  • Must also consider “evidentiary weight” of COR

Copy of Record Features:
• Copy of record “signed” by EPA and provided back to user’s private account
• Application of EPA’s digital signature prevents argument that data was altered
• Centralized archiving and audit management functions ensure consistent process across submissions
• Four-step archiving process ensures detailed historical record of document at each stage of CDX process
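
The copy-of-record structure described on the two slides above, as an added Go example that is not CDX code and was not part of the presentation. Assumptions: Ed25519 key pairs stand in for the CA-issued certificates, certificate and CRL validation is omitted, and every type, field and function name is hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"time"
)

// CopyOfRecord mirrors the four elements on the slide; field names are hypothetical.
type CopyOfRecord struct {
	Document     []byte    // electronic document as it was signed
	SubmitterSig []byte    // submitter's signature over Document
	Received     time.Time // date and time of receipt
	AgencySig    []byte    // agency signature over the three fields above
}

// payload hex-encodes the binary fields so the '|' separators stay unambiguous.
func (c *CopyOfRecord) payload() []byte {
	return []byte(fmt.Sprintf("%x|%x|%s", c.Document, c.SubmitterSig, c.Received.UTC().Format(time.RFC3339)))
}

// Issue rejects a submission whose signature fails, then countersigns the whole record.
func Issue(doc, sig []byte, sub ed25519.PublicKey, agency ed25519.PrivateKey, at time.Time) (*CopyOfRecord, error) {
	if !ed25519.Verify(sub, doc, sig) {
		return nil, fmt.Errorf("submitter signature does not verify")
	}
	c := &CopyOfRecord{Document: doc, SubmitterSig: sig, Received: at}
	c.AgencySig = ed25519.Sign(agency, c.payload())
	return c, nil
}

// Verify checks both signatures; altering any field breaks at least one of them.
func (c *CopyOfRecord) Verify(sub, agency ed25519.PublicKey) bool {
	return ed25519.Verify(sub, c.Document, c.SubmitterSig) && ed25519.Verify(agency, c.payload(), c.AgencySig)
}

// Demo uses constructed data: an intact record, an altered receipt time, a bad signature.
func Demo() (intact, afterEdit bool, rejected error) {
	subPub, subPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	agPub, agPriv, _ := ed25519.GenerateKey(nil)
	doc := []byte("constructed sample form: facility=EXAMPLE-001 value=12.5")
	at := time.Date(2001, 1, 9, 14, 0, 0, 0, time.UTC)
	cor, _ := Issue(doc, ed25519.Sign(subPriv, doc), subPub, agPriv, at)
	intact = cor.Verify(subPub, agPub)
	cor.Received = at.Add(time.Hour) // tamper with the receipt time after issuance
	afterEdit = cor.Verify(subPub, agPub)
	_, rejected = Issue(doc, make([]byte, ed25519.SignatureSize), subPub, agPriv, at)
	return
}
func main() { fmt.Println(Demo()) }
```

Because the agency signature covers the document, the submitter's signature and the receipt time together, neither party can later change one element without the record failing verification.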