trusted archiving authority - LTANS

Description: An overview of all topics and applications needed to build a trusted archiving authority (TAA) aligned with LTANS.

TAA-Trusted Archive Authority

03-23-05

June 2011

TAA - Trusted Archive Authority

Presented by Jan Biets

Jan_biets@hotmail.com +32(0)477 32 90 11 Mechelen - Belgium

TAA Trusted Archive Authority, Fedisa

June 2011

All rights reserved by the author. No citing, abstracting, or other usage is permitted without written permission.

Contact address: Jan_biets@hotmail.com


Agenda

Definitions:

  • LTANS: Long-Term Archive and Notary Services
  • TAA: Trusted Archive Authority

Description (TAA.org): A TAA accepts data for long-term storage and is responsible for ensuring that an evidence trail is produced and stored to enable demonstration of data integrity at any point in the future.

Non-repudiation - undeniable - legally binding


Agenda

  • TSA
  • E-SIGN
  • CA - PKI
  • ERS
  • Management
  • LAW
  • Policy
  • Security
  • Business Process
  • User interface


Agenda


  • RFC 3281: An Internet Attribute Certificate Profile for Authorization
  • RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
  • RFC 3369: Cryptographic Message Syntax (CMS)
  • RFC 3126: Electronic Signature Formats for long term electronic signatures
  • RFC 3161: Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)
  • RFC 2459: Internet X.509 Public Key Infrastructure Certificate and CRL Profile
  • PKCS#7: Cryptographic Message Syntax Standard
  • PKCS#11: Cryptographic Token Interface Standard
  • PKCS#12: Personal Information Exchange Syntax Standard
  • FIPS PUB 186-2: Digital Signature Standard
  • RFC 4871: DomainKeys Identified Mail (DKIM) Signatures
  • DomainKeys Identified Mail (DKIM) Service Overview, draft-ietf-dkim-overview-10 (11 July 2008)
  • RFC 5055: Server-Based Certificate Validation Protocol (SCVP)
  • RFC 3379: Delegated Path Validation and Delegated Path Discovery Protocol Requirements
  • ETSI 201 733: ETSI Electronic Signatures and Infrastructures
  • ACVS: An Advanced Certificate
  • [RFC0989] Linn, J. and IAB Privacy Task Force, "Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures", RFC 0989, February 1987.
  • [RFC2822] Resnick, P., "Internet Message Format", RFC 2822, April 2001.
  • [RFC3164] Lonvick, C., "The BSD Syslog Protocol", RFC 3164, August 2001.
  • [RFC3851] Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification", RFC 3851, July 2004.
  • [RFC4686] Fenton, J., "Analysis of Threats Motivating DomainKeys Identified Mail (DKIM)", RFC 4686, September 2006.
  • [RFC4870] Delany, M., "Domain-Based Email Authentication Using Public Keys Advertised in the DNS (DomainKeys)", RFC 4870, May 2007.
  • [RFC4871] Allman, E., Callas, J., Delany, M., Libbey, M., Fenton, J., and M. Thomas, "DomainKeys Identified Mail (DKIM) Signatures", RFC 4871, May 2007.

TAA the complexity (?)


TAA functional architectural design

Components shown in the diagram: IAM, CA, TSA, DMS, ERS, i-Sign, HW, event logging (audit trail), storage, SA*

Abbreviations:

  • IAM: identity & access management
  • CA: Certification Authority
  • RA: Registration Authority
  • SA: authentic source
  • ERS: Evidence Record Syntax


TAA - IAM

CA, PKI and RA: strong identification and access management (authorisation):

  • face-to-face issuing of the smart card / token, based on the authentic source (SA): the database of members of the closed environment / target public;
  • accurate management of the authentic source and, respectively, of the authorisations;
  • Class 3 certificates: for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing certificate authority.

Abbreviations:

  • CA: Certification Authority, ETSI TS 101 456
  • PKI: Public Key Infrastructure
  • SA: authentic source
  • RA: Registration Authority, ETSI TS 101 456


TAA - electronic signature

XAdES (XML Advanced Electronic Signatures) is a set of extensions to the XML-DSig recommendation making it suitable for advanced electronic signatures. XAdES-XL (extended long-term) adds the actual certificates and revocation lists to the signed document, to allow verification in the future even if their original source is no longer available. XAdES specifies precise profiles of XML-DSig for use with advanced electronic signatures in the meaning of European Union Directive 1999/93/EC. One important benefit of XAdES is that electronically signed documents can remain valid for long periods, even if the underlying cryptographic algorithms are broken.

Based on: XAdES, ETSI 101 903


TAA - electronic signature

Legal points of interest / attention; sometimes constraints:

  • only one copy counts as the original!
  • not allowed to store abroad (difficult to verify on the internet!)
  • sign documents individually (not batch files)
  • use the PDF/A format

Based on: XAdES, ETSI 101 903


TAA - TSA

The technique is based on digital signatures and hash functions. First a hash is calculated from the data. A hash is a sort of digital fingerprint of the original data: a string of bits that is different for each set of data. If the original data is changed, this results in a completely different hash. This hash is sent to the TSA. The TSA concatenates a timestamp to the hash and calculates the hash of this concatenation. This hash is in turn digitally signed with the private key of the TSA. The signed hash and the timestamp are sent back to the requester of the timestamp, who stores them with the original data (see diagram).

Since the original data cannot be calculated from the hash (because the hash function is a one-way function), the TSA never gets to see the original data, which allows the use of this method for confidential data.

Abbreviations: TSA - Timestamp Authority, ETSI TS 102 023
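The request/response flow described above, as an added Go example that is not code from the slides or from any TSA product. It assumes Ed25519 as the TSA's signing key, SHA-256 as the hash, and a simple "hex hash | Unix seconds" encoding for the concatenation; a real RFC 3161 token is an ASN.1 structure, but the verification logic (recompute the hash, check the signature over hash and timestamp) is the same.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"time"
)

// Token is the TSA's reply: the timestamp plus a signature over SHA-256(hash || timestamp).
type Token struct {
	Timestamp int64 // seconds since the Unix epoch
	Signature []byte
}

// TSA holds the authority's private key; requesters only ever see Pub.
type TSA struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewTSA() *TSA {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil reader selects crypto/rand
	return &TSA{priv: priv, Pub: pub}
}

// tokenDigest is the "hash of the concatenation" step (hex hash, separator, Unix seconds).
func tokenDigest(dataHash []byte, ts int64) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%x|%d", dataHash, ts)))
	return sum[:]
}

// Stamp is the TSA side: it receives only the hash, never the document itself.
func (t *TSA) Stamp(dataHash []byte, now time.Time) Token {
	ts := now.Unix()
	return Token{Timestamp: ts, Signature: ed25519.Sign(t.priv, tokenDigest(dataHash, ts))}
}

// Verify is the requester's (or a later auditor's) side; any change to data or timestamp fails.
func Verify(pub ed25519.PublicKey, data []byte, tok Token) bool {
	h := sha256.Sum256(data)
	return ed25519.Verify(pub, tokenDigest(h[:], tok.Timestamp), tok.Signature)
}

func main() {
	tsa, data := NewTSA(), []byte("constructed sample record") // constructed input
	h := sha256.Sum256(data)
	tok := tsa.Stamp(h[:], time.Now())
	fmt.Println(Verify(tsa.Pub, data, tok), Verify(tsa.Pub, []byte("x"), tok))
}
```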


TAA - TSA

Abbreviations: TSA - Timestamp Authority, ETSI TS 102 023


TAA - management

Management has to provide a set of resources (budget and other means) to enable the execution of the projects (programme) and the operation of the applications (well-defined roles and responsibilities, policies, and a suitable organisation).


TAA - management


TAA - other elements

  • Business case: why, what, how (justification)
  • Risk assessment: what are the risks, what if not
  • Business process flow: define the streams of the document flows
  • DMS: choice of a commercial product or open source
  • User interface (GUI)

Abbreviations: DMS - Document Management System, GUI - Graphical User Interface


TAA - approach

Creating a system to enable the TAA service:

  • policy: a policy is typically described as a principle or rule to guide decisions and achieve rational outcome(s). A policy will contain the 'what' and the 'why':
      • obligations and liability
      • records to be deposited
      • time of deposit (retention)
      • data integrity and access continuity assurances
      • accepted formats
  • processes, procedures: procedures (or protocols) contain the 'what', the 'how', the 'where', and the 'when'
  • security
  • infrastructure / architectural design
  • audit: verify systems, documents, and operations


TAA Risk assessment 360


TAA Risk assessment 360 (security tiers)

The Trusted Archival Authority sits at the centre, surrounded by:

  • Policy Security
  • Policy HR
  • Physical Security
  • Building Security
  • Application security
  • Server room
  • Organisation & management Policy
  • System Security
  • Authorisation & authentication
  • Network Security
  • User interface Security
  • procedures
  • people


TAA basic functionalities and features of a DMS

  • Deposit documents
  • User management
  • Access control
  • Document life cycle management (retention policy)
  • Audit trail (event logging)
  • Proof of document integrity
  • Web access (intranet, internet)
  • Document management system (user interface)


TAA functionalities: audit trail (logging of events) 1/2

System:

  • Authorisation matrix
  • Change file detection
  • Log file is encrypted
  • Secure logging
  • Operator alerts
  • System alarms
  • System modifications have to be done by the system administrator + logging (+ documented)
  • Based on the results of the risk assessment

Remark: CWA 14167-1, Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures


TAA functionalities: audit trail (logging of events) 2/2

Procedures:

  • 4-eyes (or more) principle in case of system operations / modifications
  • Administrator access management by means of a smart card and certificate issued by the CSO
  • Dashboard (events)
  • Authorisation matrix
  • Configuration of user management and access management modifications
  • Who has, when, what document deposed, modified, consulted, changed, deleted, shared?

Remark: CWA 14167-1, Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures

Abbreviations: CSO - Chief Security Officer
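The "change file detection" and "who did what, when, to which document" requirements of the two audit-trail slides, as an added Go example that is not code from the slides or from any DMS product. It assumes a hash-chained log where each record carries the SHA-256 digest of its predecessor, so that an edited or deleted record breaks the chain at a detectable index; the events in main are constructed samples.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Entry is one audit-trail record, chained to the previous record's digest.
type Entry struct {
	Who, Action, Doc, When string
	Prev, Digest           string // Prev is the previous entry's digest, "" for the first
}

// digest hashes the fields length-prefixed, so field boundaries are unambiguous.
func digest(e Entry) string {
	h := sha256.New()
	for _, f := range []string{e.Prev, e.Who, e.Action, e.Doc, e.When} {
		fmt.Fprintf(h, "%d:%s", len(f), f)
	}
	return hex.EncodeToString(h.Sum(nil))
}

func Append(log []Entry, who, action, doc, when string) []Entry {
	e := Entry{Who: who, Action: action, Doc: doc, When: when}
	if n := len(log); n > 0 {
		e.Prev = log[n-1].Digest
	}
	e.Digest = digest(e)
	return append(log, e)
}

// FirstBroken returns the index of the first entry whose digest or link does not verify, or -1.
func FirstBroken(log []Entry) int {
	prev := ""
	for i, e := range log {
		if e.Prev != prev || digest(e) != e.Digest {
			return i
		}
		prev = e.Digest
	}
	return -1
}

func main() {
	log := Append(nil, "alice", "deposit", "contract-42.pdf", "2011-06-01T09:00:00Z") // constructed events
	log = Append(log, "bob", "consult", "contract-42.pdf", "2011-06-02T10:30:00Z")
	log[1].Who = "mallory" // an after-the-fact edit of a stored record
	fmt.Println(FirstBroken(log)) // 1
}
```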
