1 / 19

Guaranteeing Electronic Trust at all times

Guaranteeing Electronic Trust at all times. Today's Agenda. Who is CertiVeR Solutions from CertiVeR CertiVeR – TACAR proposal Questions. CertiVeR Services Validation. OCSP Validation via CRL or OCSP database connection in real time. Provision of enhanced OCSP responder High Availability

zayas
Download Presentation

Guaranteeing Electronic Trust at all times

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Guaranteeing Electronic Trust at all times

  2. Today's Agenda • Who is CertiVeR • Solutions from CertiVeR • CertiVeR – TACAR proposal • Questions

  3. CertiVeR ServicesValidation • OCSP Validation via CRL or OCSP database connection in real time. • Provision of enhanced OCSP responder • High Availability • Back up • Load Sharing • Automated Revocation

  4. Invalid Certificate CertiVeR ServicesEnhancedValidation information • Certificate Status • Active, Revoked or Suspended • Multiple CA integration • Purpose of Certificate • Use of OCSP response extensions to disclose attributes of the user certificate or the Certification Authority policy. • Used for authorisation by applications to carry out specific functions or transactions

  5. CertiVeR Services: Load Sharing,Backup & High Availability • Backup of your certificates database: • Backup in case of failure with security guarantee • Lower cost than if you were to do it yourself • High Availability: • Hot standby backup in case of failure • Load sharing or balancing • Ensure high availability and reliability • Guarantee performance levels

  6. CertiVeR ServicesAutomated Revocation • Automated certificate revocation module or application via voice and speaker recognition. • High Security, Liability and Reliability • Biometrics user registration • Speaker and Voice recognition integrated with revocation • High Availability, 24x7 • Outsourcing of service to CertiVeR

  7. CertiVeR ServicesOptional Manual Revocation • Common CallCenter for all CAs • Economies of Scale • Lower shared costs • More user friendly • High Availability, 24x7 • Automated system may transfer problematic calls • Security provided through Secret questions • A similar security level could also be provided via Web

  8. CertiVeR Services - Outsourcing Certificate Status Database Management • Offload management • Reduce costs • Improve service • Enhance reliability • Increase accuracy • Raise level of trust and confidence

  9. CertiVeR ServicesCA Certification • Creation of or assistance with CPS • Audit of CA in accordance with international and national norms • Legal requirements • Required by customers • Facilitates trust chains • CertiVeR Proof of Trustworthiness

  10. CertiVeR Cross-TrustHow do you trust other CAs? • Chaining Trust • Cross-certification • Cross-validation • No more PKI Islands • Degree of Trust • Validity Time of Trust • Validity Period of Trust

  11. CertiVeR ServicesReady applications for digital signature • Provide tools and services to make applications PKI ready: • Already integrating GTK 3.9.4 • Single validation access point for several CA,s • Provision of access APIs • Quality Control and post development support • Facilitate the rise of applications using digital signatures • Needing more than one certificate • Needing more than just certificate validation

  12. CertiVeR – TACAR 1st Proposal Revocation Administration done by CA CertiVeR Sites Cert Status Database Publish Root Certs OCSP Responder Revocation Module TACAR CA’s Root List CRL for User Certs CAs Revoke Root Certs Revoke User Certs synch OCSP Validation Request for TACAR’s Repository and hierarchies CA Users, Grid Users, etc.

  13. CertiVeR – TACAR 2nd Proposal Revocation Administration done by CertiVeR CertiVeR Sites Cert Status Database CAs Revoke Root Certs Publish Root Certs OCSP Responder Revocation Module OCSP Validation Request for TACAR’s Repository and hierarchies Revoke User Certs TACAR CA’s Root List CA Users, Grid Users, etc. synch

  14. OCSP Signature Validation We offer two options: • Sign OCSP responses with a certificate trusted by all parties. • Sign OCSP responses with a certificate issued by the same CA hierarchy as the certificates whose status is being asked for.

  15. The Business case for CertiVeRAnnual cost assumptions included Cost cover up to 10.000 users

  16. The Business case for CertiVeRAnnual cost assumptions included depending on degree of Administration Cost cover up to 10.000 users (1) Status Checking + Trust chain integration Discount Univ. 50% = 50,000€ Savings of €60,000 or 120% each site!!!

  17. The Basic services by CertiVeR • The most cost-effective services offered TOTAL saving 43.000 €/year/site 123% over CertiVeR cost 55% over University cost

  18. Try now our demo at: http://www.certiver.com

  19. Any Questions ?

More Related