Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

IWMW 2001: PKI: the View from Down Under

Slides for a talk on "PKI: the View from Down Under" given by Ed Bristow at the IWMW 2001 event held at Queen's University Belfast on 25-27 June 2001.

See http://www.ukoln.ac.uk/web-focus/events/workshops/webmaster-2001/sessions.html#speaker-4

  • Login to see the comments

  • Be the first to like this

IWMW 2001: PKI: the View from Down Under

  1. 1. PKI: The View from Down Under Presentation to 2001 Institutional Web Management Workshop Queen’s University Belfast Monday 25 June 2001 Ed Bristow, PKI Technical Manager, Australian Taxation Office
  2. 2. Agenda • Who am I? Why am I here? • The what, why and wherefore of PKI • The Australian Scene • The ATO PKI • The Future
  3. 3. Canberra •Canberra
  4. 4. Some definitions • PKI - Public Key Infrastructure – The technology, policies and processes involved in generation, signing, issue and use of asymmetric ciphers and digital certificates • ATO - Australian Taxation Office • BAS - Business Activity Statement – Monthly or quarterly business tax report completed by all Australian businesses • SSL - Secure Sockets Layer – Standard for encryption of connection between web server and browser. Now at Version 3.0. • S/MIME - Secure Multipurpose Internet Mail Extensions (RFC 1521) – A standard for creating securely wrapped messages
  5. 5. More Definitions • OCSP - Online Certificate Status Protocol. – Standard (RFC 2560) for the checking of a certificate’s revocation status in real time • CRL - Certificate revocation list – List of serial numbers of revoked certificates, published periodically by CA. Part of X.509 (RFC 2459) • DMZ - Demilitarised zone. – Area between outer and inner firewalls where elements of a site’s security architecture is deployed • X.500 - Standard for Internet directories • LDAP - Lightweight Directory Access Protocol • PKCS - Proprietary (but industry-wide) standards developed and maintained by RSA Security Inc
  6. 6. Why PKI • E-commerce on the rise • The Internet is a dangerous place • The importance of standards • Digital signatures promise remote, un- repudiable authentication • The dream of PKI - certificate once, authenticate everywhere
  7. 7. Key Topics • Confidentiality • Authentication • Authorisation
  8. 8. Confidentiality • Is SSL good enough? – Data is vulnerable on the server – Enforce strong cipher suites • Consider use of S/MIME – Decryption is done deeper in DMZ • Need to pay attention to web site design • Some products don’t support two key pairs
  9. 9. Authentication • What to use? – User ID & Password • Simple for users, but have to be administered & can be cracked – Shared Secret • Just how secure is the secret? • Doesn’t also provide integrity & non-repudiation – Digital Certificates • It’s not a trivial decision
  10. 10. Authorisation • The next big challenge • The unrealised potential of X.500 & LDAP • Products starting to emerge • Active Directory & Kerberos in Windows 2000 • Solutions are policy & directory based • What’s the degree of fit?
  11. 11. Can PKI be made to work? • It does cost! • But it does also deliver • Many standards based components • But overall solution will need to be customised • Native browser based PKI is just not up to it at present
  12. 12. What are the major issues? • Registration • Key & Certificate distribution • End-user application design • Server side design
  13. 13. Registration • Binds the identity to the public key • Get this wrong and there’s no point in worrying about the rest • Can be logistically difficult (and expensive) – Especially with geographically dispersed population • Are there opportunities to leverage another progress?
  14. 14. End-User application design • Native browser, applet or fat client • What platforms to support? – Windows & Mac – IE & Netscape • How are private keys stored & accessed – Smart card (PKCS#11) – ‘Soft Key’ (PKCS#12)
  15. 15. Server Side Design • Performance • Availability • Certificate validation – OCSP vs CRL • Do responses need to be signed? • Accept keys and certificates from multiple CA’s or just one?
  16. 16. Overall • Assess the value and importance of transactions • Threat and risk analysis as first step • look for leverage opportunities
  17. 17. Australia - Land of Contrasts • Strengths – Innovative culture – Early adopters – Government sector prepared to lead – Small enough for national solutions to be viable – ‘Can do’ attitude
  18. 18. Australia - Land of Contrasts • Weaknesses – 7 + 2 Governments – Short electoral cycle – Small population base – Geographic Isolation – ‘Branch Office’ Economy – Slow telecoms in rural and remote areas – ‘The Tyranny of Distance’
  19. 19. Gatekeeper • Federal Government has provided a lead • Accreditation scheme for CA’s and RA’s • Mandated for Federal government agencies • Also signed-up to by states (no mean feat!) • Cross-recognition of Australian Identrus CA’s
  20. 20. Gatekeeper - Drawbacks • High barrier to entry • Onerous accreditation requirements – ATO completed 33 different documents – Can be too slow for commercial requirements • Focus to date has been on business – PKI for individuals still some way off • But Gatekeeper2 is coming ...
  21. 21. Gatekeeper - Progress • ATO was first to achieve full accreditation • Commercial sector (eSign & Baltimore) now also fully accredited • Government-sponsored standard for certificates – Contains Australian Business Number (ABN) – Can be used by businesses to deal with government at all levels – Can be issued by any accredited or cross- recognized CA
  22. 22. The ATO • Main revenue collection authority for Commonwealth Government • Collects Income Tax, GST, Excise and other taxes • Approx 20,000 Staff • Facing the ‘electronic challenge’ – Improve services – Reduce costs – Change the paradigm of interaction
  23. 23. ATO Electronic Initiatives • Agent lodged Income Tax returns via X.25 and proprietary s/w since 1991 – Now accounts for > 75% of all returns • Self-lodged Income Tax returns via pre- Gatekeeper PKI-enabled ‘e-tax’ system – Now in 4th year of operation – Expect 400,000 lodgments this year
  24. 24. PKI in the ATO • First full Gatekeeper accreditation • Support of tax Reform – GST (VAT type tax) from 1/7/2001 – New reporting regime for business • Not our core business! • 100k certificate pairs issued
  25. 25. The ATO PKI Project • Created and rolled-out an accredited PKI in less than 9 months • High pressure project – Short time frame – Legislative deadline – Complex requirements • Breaking new ground
  26. 26. Features • Rely on business registration process to feed the RA – Integrated with legacy (DB2/OS390) database • Centrally-generated keys • Distribution via Internet • Two key pairs/certificates – Authentication (Signing) – Confidentiality (Encryption)
  27. 27. Constraints • Very rapid roll-out required – 145,000 in first month (achieved) • Security requirements on certificate download • Use Baltimore technology (UniCERT) • Drop dead deadline (legislative) • Outsourced infrastructure
  28. 28. The Good • 100,000 sets of keys and certificates distributed in first year of operation • 70,000 businesses registered to deal electronically • Over 500,000 e-BAS’s lodged • Most find process fairly straightforward • Businesses appear happy with authentication and confidentiality provided • Vastly lower rejection and intervention rates on e- BAS’s • Quicker refunds (where payable)
  29. 29. The Bad • Teething problems - rapid roll-out • Design issues - eg including ATO-specific data in certificate • User experience (eg download) still not satisfactory • Lack of perceived value to business • Process to get certificates and e-BAS complex - plenty of opportunities for problems • logistical delays (eg PIC mailer printing) • Marketing in a saturated environment
  30. 30. The Ugly • Keys and certificates delivered in browser unfriendly package • Changes in external S/W (eg IE 5.5 SP1) can have near-catastrophic effects • Technical (il)literacy of some users • Security can have serious effects on useability • Data quality (esp. e-mail addresses)
  31. 31. Learnings • Key success factors – ‘Drop dead’ deadline – Strong corporate support – Small, strongly focussed team – Exploitation of skills and knowledge of partners • Pay attention to useability – Otherwise - help desk gets very busy! • Understand the customer - market segmentation
  32. 32. The Future - Some Questions • Will PKI become universal, or is it just too hard? • Is the Internet too dangerous a place to do business? • Can schemes like Gatekeeper ever really succeed? • Can anyone make serious money out of PKI?
  33. 33. The Future - Some Answers • RSA appears to be unassailable - for now – We can be confident about the technology • Success of PKI depends on – Robust and trustable registration processes – Useful applications - there must be a value proposition – Making the technology transparent • Australian model has significant strengths – Universal scheme – Standards based - vendor neutral – Public-Private sector partnership
  34. 34. Links www.ato.gov.au www.taxreform.ato.gov.au www.ato-pki.ato.gov.au www.govonline.gov.au www.baltimore.com www.esign.com.au www.identrus.com
  35. 35. Thank You

×