Enhancing System Security Using PUBLIC KEY INFRASTRUCTURE
SecureMetric Technology Inc.
www.securemetric.com
What is PKI?
Public Key Infrastructure
Public Key
Private Key
What is a Certificate Authority?
IDEAL WORLD
[Diagram labels: SECRET MESSAGE; MARY’S Public Key; +; ENCRYPTED MESSAGE]
REAL WORLD
[Diagram labels: SECRET MESSAGE; Fake MARY’S Public Key; +; ENCRYPTED MESSAGE; MARY’S Public Key; MODIFIED ENCRYPTED MESSAGE; +]
HOW TO SOLVE PROBLEM?
[Diagram labels: SECRET MESSAGE; +; ENCRYPTED MESSAGE; MARY’S Public Key]
We are going round in circles!
PROBLEM SOLVED
CPS & CP
CERTIFICATE AUTHORITY
Why PKI?
4 Trust Requirements
The Philippines: Ready for PKI?
Public Key Infrastructure
Public Key
Core Technology: Public Key Cryptography (Asymmetric Cryptography)
Very first Asymmetric Algorithm (RSA) was published in 1977
Public Key Infrastructure
Infrastructure
[Diagram labels: Information Technology; Legislation; Enforcement; Policy; Procedures]
Legislation
Disclaimer
•  I am not a legal practitioner
•  I’m just a guy with experience in the PKI industry who is passionate enough about PKI to have researched the Electronic Commerce and Digital Signature Acts of a few countries.
Do not take what I say as legal advice!
EO 801
eCommerce Act 2000
Electronic Commerce Act 2000
•  “Electronic” Signatures become acceptable in court (Sect 8-11).
•  Sec 5.E “Electronic signature” refers to any distinctive mark, characteristic and/or sound in electronic form, representing the identity of a person and attached to or logically associated with the electronic data message or electronic document or any methodology or procedures employed or adopted by a person and executed or adopted by such person with the intention of authenticating or approving an electronic data message or electronic document.
“Electronic Signature”
Sec. 8. Legal Recognition of Electronic Signatures. An electronic signature on the electronic document shall be equivalent to the signature of a person on a written document if that signature is proved by showing that a prescribed procedure, not alterable by the parties interested in the electronic document
Rules on Electronic Evidence issued by the Supreme Court in 2001 mentions specifically Asymmetric or Public Cryptosystem (PKI).
Electronic Commerce Act 2000
SEC. 27. Government Use of Electronic Data Messages, Electronic Documents and Electronic Signatures. All departments, bureaus, offices and agencies of the government, as well as all government-owned and -controlled corporations shall within 2 years, accept electronic documents signed with “Electronic” Signatures.
http://i.gov.ph/e-government-where-are-we-now/
Electronic Commerce Act 2000
SEC. 31. Lawful Access. - Access to an electronic file, or an electronic signature of an electronic data message or electronic document shall only be authorized and enforced in favor of the individual or entity having a legal right to the possession or the use of the plaintext, electronic signature or file and solely for the authorized purposes. The electronic key for identity or integrity shall not be made available to any person or party without the consent of the individual or entity in lawful possession of that electronic key.
Executive Order 810 (2009)
•  Adoption of a national level Public Key Infrastructure.
•  Identification of Agencies responsible.
•  Setting up of framework for Accreditation.
•  Funding and resources.
•  Directives for the Private sector.
•  Fees.
•  Certificate Authority hierarchy.
Executive Order 810 (2009)
•  Philippine Accreditation Office (PAO) is put in charge of Accreditation of Certificate Authorities (CA) including private sector CAs.
Executive Order 810 (2009)
Department of Science and Technology (DOST)
•  Information and Communication Technology Office (ICTO) under DOST is put in charge of the IT infrastructure and operations for the National Certificate Authority (CA).
Executive Order 810 (2009)
Advanced Science and Technology Institute (ASTI)
•  Advanced Science and Technology Institute (ASTI) under DOST is put in charge of Technology and project management of the National PKI initiative.
Executive Order 810 (2009)
Roles
•  CA = Certificate Authority
•  RA = Registration Authority
[Diagram labels: CA; RA, RA, RA; Policy; Procedures; Legislation]
In Conclusion…
[Diagram labels: Philippines National PKI; Technology; Encryption; Authentication; Legislation; Digital Signature]
Why Should Banks Use PKI?
Miss World 2013
September 28, 2013… Megan Young
September 29, 2013…
Other variants of malware email…
Simple Email Content…
How do we know who is your real friend in the anonymous world of Internet?
Wouldn’t it be nice if…
How do you know if this actually belongs to a legitimate organization?
Give your POS Terminal an identity!
Introducing…
JCOP RFID Card with PKI Enabled Chip
The Security of ZiaPay
•  Each ZiaPay terminal is equipped with a digital certificate
•  Each transaction is signed to ensure authenticity
•  Each transaction is encrypted to ensure privacy
•  Connection between each ZiaPay terminal and the servers is secured using SSL
Case Study: ePayment Customs Declaration
[Diagram labels: Forwarding Agent; DAGANG NET; KDRM; BNM; RENTAS; Web (https)]
Code 20 - Approval obtained from KDRM
Code 25 - Pre-credit received
(1) Customs Declaration (CUSDEC)
(2) Customs Acknowledgement (Code 20)
(3) Execute Payment
(3a) Confirmation of Payment
(4a) Auto-Debit Advice / Debit Advice
(4b) Auto-Credit Advice / Credit Advice
(5) Pre-credit received
Immediate on-line crediting to KDRM
