Public Key Superstructure
It’s PKI Jim, but not as we know it!
7th Annual “IDtrust” Symposium, 5 March 2008, Gaithersburg MD, USA
Stephen Wilson, Lockstep Consulting Pty Ltd

About Lockstep
• Consultants specialised in PKI, smartcards & privacy
• Developing novel de-identification and online safety solutions

About Lockstep
• Asia PKI Forum
• Gatekeeper Policy Committee
• Aust. Law Reform Commission

The passport metaphor
• Non-descript applications
• impossible for CAs to manage risk
• Stranger-to-stranger e-business
• “It’s good to trust but it’s better not to”
• Novel TTP business models
• Imposed incredible CPSs upon users
• Notion of a single identity
• “Interoperability” = cross certification

“Cross-certification and policy mapping has been a rat hole that has sucked up vast amounts of energy better spent elsewhere”
Anonymous, Feb 2008

[Figure: timeline with axis marks 1999, 2002, 2005, 2008. Labels: “Fading PKI Market”, June 2003; PKI thickets, 1999 RSA Conference; Identrus; Verisign IPO]

PKI in practice
• Works best in closed communities
• Automates transactions in context
• This is a Good Thing
• Embedded keys & certificates
• Fits with identity plurality

CA as Security Printer
[Diagram labels: Security Printer; Distribute bar code labels; Listed Company; Officer; Affix bar code; Announcement; Fax; OCR; Stock Exchange; Listings Department; Announcements; Achieve Listing; Listing Rules]

CA as Security Printer
[Diagram labels: CA; Distribute certificates, keys; Listed Company; Message App; Digitally sign; Announcement; Stock Exchange; Listings Department; Announcements; Listing Rules]

Security printer implications
• Decouples registration from production
• Manages risks associated with registration & production separately
• No contract between Subscriber & CA
• No exposure of CPS to Subscriber
• Easier to novate CA service providers
• Accreditation not affected by new Policies

Context Credentials: “Relationship Certificates”
[Diagram labels: Health Organisation; Health Org CA]
Transaction (e-Prescription): Patient name - -; Med - - -; Dose - - -; Repeats - - -; Signed: Dr Lic. xyz
User Certificate: Subject: - - -; Ext: Lic No. xyz; Issuer: Health Org; Policy OID: - - -; Public Key: - - -; Signed: Health Org CA
CA Certificate: Subject: - - -; Validity: - - -; Issuer: Root CA; Policy OID: - - -; Public Key: - - -; Signed: Health Root CA

“Relationship Certificates”
• Form of “Authorization PKI”
• Kill the holy cow of authentication being primary over authorization
• Preserves X.509 formats, software
• Not SPKI: no ‘primary’ ID certificate
• Not Attribute Certs: we can sign with cert

Lockstep anonymous e-voting
[Diagram panels: A. Background; B. Register; C. Vote. Labels: Smartcard distribution process; Generate key pair; Install anon. certificate; Register smartcard; Identify voter; Enrol to vote; Roll; CA; Certificate (Serial No., Poll, Key); Signed ballot (list of candidates); Dig Sign]

Lockstep clinical study privacy
(1) Distribute investigator packs
(2) Enrol patient into study
(3) Load pt smartcard with Stepwise anonymous ID
[Diagram labels: Study sponsor; Logistics; Certificate Server; Randomisation; Collection; Certificate (Patient ID, Study ID, Key); Dig Sign]

Lockstep clinical study privacy
(4) Patient presents for follow-up
(5) Investigations as per protocol
(6) De-identified secure follow up data, “sealed” with Stepwise ID
[Diagram labels: Study sponsor; Logistics; Certificate Server; Randomisation; Collection; Tests; Certificate (Patient ID, Study ID, Key)]

Discussion
See also www.lockstep.com.au/technologies
swilson@lockstep.com.au