SlideShare a Scribd company logo

CoverSpace : Certificate authority for internal use plus e tax and e-policy01

Damrongsak Kobtakul
Damrongsak Kobtakul

1) Digital certificates and digital signatures can be used to verify identities and authenticate documents digitally, replacing physical identification methods. 2) Certificate Authorities issue digital certificates that contain a public key and identity information, signed with the CA's private key, allowing authentication through digital signatures. 3) Hardware security modules (HSMs) are needed to securely generate, store, and manage the cryptographic keys used to digitally sign documents, providing a trusted foundation for electronic document and identity verification.

Business
1 of 35
Download to read offline
Certificate Authority for Internal Use Plus e-Tax and e-Policy 1, Soi Phutthabucha 2,Phutthabucha Rd., Bangmod Sub district. Jomthong District, Bangkok 10150, Thailand. Tel : +66(0)24278216 Fax : +66(0)24278217 Mobile : +66(0)61-6394914 ,+66(0)86-4144392 Line ID : Ohayo007 COVERSPACE CO., LTD.
2 DIGITAL CERTIFICATES
3 Real World ID Certificates > Proving who you are in the real world > The government (TTP) vouches for identity > If the certificate looks authentic, identifying marks, as picture, identify the person > Printed to make it hard to forge Name: James Bond Address: Somewhere Date of Birth: 1954 State of Fleming– ID certificate
4 Digital Certificates – Digital ID >A Digital document, containing the public key + identity information, digitally signed by a Certificate Authority (CA). >The public key replaces the photo For digitally verifying the user’s identity. >If the CA is trusted, a Challenge-Response protocol can be used for authentication. Name: James Bond email james@serv.com Public Key: 1f 0a 01 15 96 9a 5a 1c cc ab 1b f1 13 e8 Expiry Date: 3/5/00 CA Name: VeriSign CA Signature: 15 2f 36 1a
5 Real vs. Digital Certificates Name: James Bond Address: Somewhere Date of Birth: 1954 State of Fleming– ID certificate Name: James Bond email james@serv.com Public Key: 1f 0a 01 15 96 9a 5a 1c cc ab 1b f1 13 e8 Expiry Date: 3/5/00 CA Name: VeriSign CA Signature: 15 2f 36 1a > A means of proving identity: In Person / Digitally > The issuer vouches for James’ Identity: The government / a Certification Authority > If the certificate is found authentic, James can be identified by his: Looks (Picture) / Digital Signature (Based on Public Key) > Signed by: Government / the CA
6 Digital Signature > A digital signature is a small amount of data that was created using a Private Key > The user’s own Private Key is used to sign the data > The user’s Public Key is used to verify that the signature was really generated using the corresponding Private Key > Digital signatures are used to verify that a message really comes from the claimed sender … assuming only the sender holds the Private Key corresponding to the verifying Public Key)
7 Features of Digital Signatures > A digital signature should: > Be unforgeable (convince us that Alice signed – origin of data) > Authenticate (prevent anyone from changing the document after it has been signed) > Be hard to copy (remain secure even after seeing many signatures) > Important property – non-repudiation: > The owner of the signature cannot later deny that she signed (provides “proof of order”) > This is essential for electronic commerce and accountability > Digital signatures are messages that are hashed and then encrypted by the private key > The private key is essential for signing > To verify the signature, we must be sure of the Public Key owner’s identity
8 One-Way Hash Algorithms > Reduce a variable size block of data to a small – fixed size value called hash value > Operate one way – the original data cannot be derived from the hash value > The same data will always yield the same hash value > It is very hard to find different data blocks with the same hash value (in reasonable time). Therefore, in reality, different data blocks will yield different hash values. Hashing Algorithm Data 100110101 Hash Value Different Data 011010111 Different
9 Using Hash for Digital Signing Verification (Decryption) Hashing Algorithm Signing (Encryption) Hashing Algorithm 1101011011 Bob (Sender) Alice (Receiver) Plain Text Message + Signature Compare! Bob’s Private Key Bob’s Public Key 1101011011 1101011011
10 Whom Do We Trust? > When doing business, there has to be a body we trust to issue certificates > The trusted party that issues certificates to the identified entities is the Certification Authority (CA). > Policies ensure that every certificate applicant goes through a known procedure that verifies his/her identity > Policies enable clients of the CA to evaluate the amount of trust that can be given to a digital certificate > As a common Trusted Third Party, the CA enables two individuals to trust each other’s authenticity > By holding the CA’s Public Key (Root Certificate), users can validate the signature of certified users – by trusting the authenticity of their public keys.
11 Trusting the Root Certificate > Existing Root certificates can be view through the Content tab in IE Tools Internet Options
12 Internal CA Hierarchy > Root CA > Most trusted certificate > Best security > Least accessibility > Others > With distance from root > Decreasing security > Increasing accessibility Accessibility Security Root CA Intermediate CA1 Intermediate CA2 End Users
13 Use Case: eDocuments
14 Industry Challenge: Moving from paper to digital documents improves efficiencies for invoice processing, storage, and retrieval while eliminating the cost and complexity of issuing and storing large amounts of paper based invoices. Security Challenge: To instill confidence in eDocuments security measures must be taken to establish trust as documents change hands, ensure document integrity, and prevent repudiation Role of HSMs: HSMs are the cornerstone for establishing this trust- safeguarding the cryptographic keys that will sign/verify the documents, providing security in the digital process, and ensuring trust across all parties. Benefits: Data is secured and stored to produce electronic evidence. Relieves administrative burden by reducing the risk of human error. Increases productivity for lower overall costs. Moving from Paper to Digital: eDocuments Why are HSMs needed?
15 Secure Digital Documents Why SafeNet HSMs are the right fit for eDocument Schemes SafeNet HSMs offer the robust security capabilities that ensure compliance with the European Directive on Invoicing, Brazil Notal Fiscal (NF-e), and other regulations. SafeNet HSMs are highly secure FIPS 140-2 and Common Criteria certified appliances capable of providing the high entropy key material required in eDocument schemes. Centralizing cryptographic keys and policy management on SafeNet HSMs allows businesses to significantly reduce the administration associated with managing digital signatures in a distributed, disparate fashion. With a secure , high performance, eDocument system in place, organizations are well equipped to integrate digital documents with other backend applications, such as procurement and enterprise resource planning, which can lead to further efficiency and accuracy gains.
16 Deployment Example The role of HSMs in secure eDocument processes
17 Deployment Example The role of HSMs in secure eDocument processes
18 Sample Certificate
19 Corporate Digital Sign Sample
20 Digital Sign Properties
21 Counter Digital Sign Sample
22 Tax Invoice Sample
23 Standard Document System SMTP eMail Server ERP System Receipt Printing Staff Automated Billing System Mass Printing Standard Mail
24 Smartcard Contact, Contactless and Physical Access Supported Solutions > Remote access (VPN) > Network access > Proximity access > Digital signing > Data security > Picture ID Badge Certifications* > FIPS 140-2 certified > Common Criteria certified
25 Digital Sign Policy System SMTP eMail Server Policy System Receipt Printing Users Automated Printing System Mass Printing Standard Mail Traditional Printing System
26 Luna SA HSM SafeNet Luna SA – Network Attached HSM FIPS 140-2 Level 3 and Common Criteria EAL4+ validated Trusted Keys in Hardware Segregated DNS Domain key storage (100 partitions) High Performance – 7,000 tps Key Storage capabilities – Scale 10,000 keys/per HSM
27 Automated Digital Sign Policy System SMTP eMail Server Policy System Receipt Printing Users Automated Printing System Mass Printing Standard Mail HSM Traditional Printing System
28 Document Signing Software 28
29 PDF Signing Diagram Policy System eMail Server HSM Unsigned PDF Signed PDF Signing Software / API Coding Online Customer
30 PDF Signing Result 30
31 XML Signing Diagram 01 Policy System eMail Server HSM Unsigned XML Signed XML Signing Software / API Coding Online Customer
32 XML Signing Diagram 02 Policy System eMail Server HSM Signed PDF Signing Software / API Coding Revenue Department Database Online Customer
33 Unsigned XML File 33
34 Signed XML File 34
35 35

Recommended

Digital signatures
Digital signaturesDigital signatures
Digital signatures
atuljaybhaye
 
An Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On SigncryptionAn Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On Signcryption
ijcisjournal
 
It act
It actIt act
It actYogesh Thawait
 
D.Silpa
D.SilpaD.Silpa
D.Silpa
st anns PG College,Mallapur,Hyderabad, India
 
Dsc ppt
Dsc pptDsc ppt
Dsc ppt
Earnlogicconsultants
 
What are the duties of the subscriber of Digital Signature Certificate? [#48]
What are the duties of the subscriber of Digital Signature Certificate? [#48]What are the duties of the subscriber of Digital Signature Certificate? [#48]
What are the duties of the subscriber of Digital Signature Certificate? [#48]
Kamal Thakur
 
Protection on cyber fraud
Protection on cyber fraudProtection on cyber fraud
Protection on cyber fraudBUSINESS SOFTWARES & SOLUTIONS
 
Digital signature
Digital signatureDigital signature
Digital signature
Yash Karanke
 

Recommended

Digital signatures
Digital signaturesDigital signatures
Digital signatures
atuljaybhaye
 
An Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On SigncryptionAn Improvement To The Set Protocol Based On Signcryption
An Improvement To The Set Protocol Based On Signcryption
ijcisjournal
 
It act
It actIt act
It actYogesh Thawait
 
D.Silpa
D.SilpaD.Silpa
D.Silpa
st anns PG College,Mallapur,Hyderabad, India
 
Dsc ppt
Dsc pptDsc ppt
Dsc ppt
Earnlogicconsultants
 
What are the duties of the subscriber of Digital Signature Certificate? [#48]
What are the duties of the subscriber of Digital Signature Certificate? [#48]What are the duties of the subscriber of Digital Signature Certificate? [#48]
What are the duties of the subscriber of Digital Signature Certificate? [#48]
Kamal Thakur
 
Protection on cyber fraud
Protection on cyber fraudProtection on cyber fraud
Protection on cyber fraudBUSINESS SOFTWARES & SOLUTIONS
 
Digital signature
Digital signatureDigital signature
Digital signature
Yash Karanke
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Melwin Mathew
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Sonu Mishra
 
E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature
Mahmoud Ezzat
 
Digital signature
Digital signatureDigital signature
Digital signature
Mohanasundaram Nattudurai
 
Improving System Security and User Privacy in Secure Electronic Transaction (...
Improving System Security and User Privacy in Secure Electronic Transaction (...Improving System Security and User Privacy in Secure Electronic Transaction (...
Improving System Security and User Privacy in Secure Electronic Transaction (...
IJERA Editor
 
Digital signature
Digital signatureDigital signature
Digital signaturegajerachetan
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2Ankita Dave
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureRahul Yadav
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
Deevena Dayaal
 
Blockchain Privacy Innovation Insights from Patents
Blockchain Privacy Innovation Insights from PatentsBlockchain Privacy Innovation Insights from Patents
Blockchain Privacy Innovation Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Esign or Electronic Signature
Esign or Electronic SignatureEsign or Electronic Signature
Esign or Electronic Signature
PiChainAdministrator
 
Blockchain Interoperability Innovation Insights from Patents
Blockchain Interoperability Innovation Insights from PatentsBlockchain Interoperability Innovation Insights from Patents
Blockchain Interoperability Innovation Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Digital signature
Digital signatureDigital signature
Digital signature
Renu Verma
 
Paper id 2320146
Paper id 2320146Paper id 2320146
Paper id 2320146IJRAT
 
Digital certificate & signature
Digital certificate & signatureDigital certificate & signature
Digital certificate & signatureNetri Chowdhary
 
Digital signature certificate
Digital signature certificateDigital signature certificate
Digital signature certificateAshvini Soni
 
Project security
Project securityProject security
Project security
maryam H
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
CheapSSLUSA
 
Digital certificates & its importance
Digital certificates & its importanceDigital certificates & its importance
Digital certificates & its importance
svm
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx
9jz8vgkshv
 

More Related Content

What's hot

Electronic signature
Electronic signatureElectronic signature
Electronic signature
Melwin Mathew
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Sonu Mishra
 
E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature
Mahmoud Ezzat
 
Digital signature
Digital signatureDigital signature
Digital signature
Mohanasundaram Nattudurai
 
Improving System Security and User Privacy in Secure Electronic Transaction (...
Improving System Security and User Privacy in Secure Electronic Transaction (...Improving System Security and User Privacy in Secure Electronic Transaction (...
Improving System Security and User Privacy in Secure Electronic Transaction (...
IJERA Editor
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2Ankita Dave
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureRahul Yadav
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
Deevena Dayaal
 
Blockchain Privacy Innovation Insights from Patents
Blockchain Privacy Innovation Insights from PatentsBlockchain Privacy Innovation Insights from Patents
Blockchain Privacy Innovation Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Esign or Electronic Signature
Esign or Electronic SignatureEsign or Electronic Signature
Esign or Electronic Signature
PiChainAdministrator
 
Blockchain Interoperability Innovation Insights from Patents
Blockchain Interoperability Innovation Insights from PatentsBlockchain Interoperability Innovation Insights from Patents
Blockchain Interoperability Innovation Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Digital signature
Digital signatureDigital signature
Digital signature
Renu Verma
 
Paper id 2320146
Paper id 2320146Paper id 2320146
Paper id 2320146IJRAT
 
Digital certificate & signature
Digital certificate & signatureDigital certificate & signature
Digital certificate & signatureNetri Chowdhary
 
Digital signature certificate
Digital signature certificateDigital signature certificate
Digital signature certificateAshvini Soni
 
Project security
Project securityProject security
Project security
maryam H
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
CheapSSLUSA
 

What's hot (20)

Electronic signature
Electronic signatureElectronic signature
Electronic signature
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
 
E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature E-Signature Vs. Digital Signature
E-Signature Vs. Digital Signature
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Improving System Security and User Privacy in Secure Electronic Transaction (...
Improving System Security and User Privacy in Secure Electronic Transaction (...Improving System Security and User Privacy in Secure Electronic Transaction (...
Improving System Security and User Privacy in Secure Electronic Transaction (...
 
Digital signature
Digital signatureDigital signature
Digital signature
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2
 
Digital certificates
Digital certificates Digital certificates
Digital certificates
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Digital certificates
Digital certificatesDigital certificates
Digital certificates
 
Blockchain Privacy Innovation Insights from Patents
Blockchain Privacy Innovation Insights from PatentsBlockchain Privacy Innovation Insights from Patents
Blockchain Privacy Innovation Insights from Patents
 
Esign or Electronic Signature
Esign or Electronic SignatureEsign or Electronic Signature
Esign or Electronic Signature
 
Blockchain Interoperability Innovation Insights from Patents
Blockchain Interoperability Innovation Insights from PatentsBlockchain Interoperability Innovation Insights from Patents
Blockchain Interoperability Innovation Insights from Patents
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Paper id 2320146
Paper id 2320146Paper id 2320146
Paper id 2320146
 
Digital certificate & signature
Digital certificate & signatureDigital certificate & signature
Digital certificate & signature
 
Digital signature certificate
Digital signature certificateDigital signature certificate
Digital signature certificate
 
Project security
Project securityProject security
Project security
 
Understanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets LayerUnderstanding Digital Certificates & Secure Sockets Layer
Understanding Digital Certificates & Secure Sockets Layer
 

Similar to CoverSpace : Certificate authority for internal use plus e tax and e-policy01

Digital certificates & its importance
Digital certificates & its importanceDigital certificates & its importance
Digital certificates & its importance
svm
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx
9jz8vgkshv
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptx
MuthuvasanSR
 
Digital Identity & Security
Digital Identity & SecurityDigital Identity & Security
Digital Identity & Security
Michael Bromby
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Market Engel SAS
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
Avirot Mitamura
 
Presentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesPresentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificates
Vivaka Nand
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
KrutiShah114
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificate
Digitalcertificate
 
PKI - The Backbone of Digital Signatures - DrySign by Exela
PKI - The Backbone of Digital Signatures - DrySign by ExelaPKI - The Backbone of Digital Signatures - DrySign by Exela
PKI - The Backbone of Digital Signatures - DrySign by Exela
Drysign By Exela
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
Mohamed Talaat
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured email
Iaetsd Iaetsd
 
Digital signature & PKI Infrastructure
Digital signature & PKI InfrastructureDigital signature & PKI Infrastructure
Digital signature & PKI Infrastructure
Shubham Sharma
 
Digital Signature Certificate DSC
Digital Signature Certificate DSCDigital Signature Certificate DSC
Digital Signature Certificate DSC
Abhishek Taxxinn
 
E-Business security
E-Business security E-Business security
E-Business security
Surendhranatha Reddy
 
Qafis, Regular smartcards 150313001
Qafis, Regular smartcards 150313001Qafis, Regular smartcards 150313001
Qafis, Regular smartcards 150313001
Qafis
 
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!Process Fusion Inc
 

Similar to CoverSpace : Certificate authority for internal use plus e tax and e-policy01 (20)

Digital certificates & its importance
Digital certificates & its importanceDigital certificates & its importance
Digital certificates & its importance
 
Digital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptxDigital Signature in Indian Evidence act .pptx
Digital Signature in Indian Evidence act .pptx
 
Digital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptxDigital Signatdsbuisduifhudosffdosfure.pptx
Digital Signatdsbuisduifhudosffdosfure.pptx
 
Digital Identity & Security
Digital Identity & SecurityDigital Identity & Security
Digital Identity & Security
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
 
Cupa pres a_2
Cupa pres a_2Cupa pres a_2
Cupa pres a_2
 
Presentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesPresentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificates
 
120 i143
120 i143120 i143
120 i143
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificate
 
PKI - The Backbone of Digital Signatures - DrySign by Exela
PKI - The Backbone of Digital Signatures - DrySign by ExelaPKI - The Backbone of Digital Signatures - DrySign by Exela
PKI - The Backbone of Digital Signatures - DrySign by Exela
 
Digital Signature
Digital SignatureDigital Signature
Digital Signature
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured email
 
Digital signature & PKI Infrastructure
Digital signature & PKI InfrastructureDigital signature & PKI Infrastructure
Digital signature & PKI Infrastructure
 
Digital Signature Certificate DSC
Digital Signature Certificate DSCDigital Signature Certificate DSC
Digital Signature Certificate DSC
 
E-Business security
E-Business security E-Business security
E-Business security
 
Qafis, Regular smartcards 150313001
Qafis, Regular smartcards 150313001Qafis, Regular smartcards 150313001
Qafis, Regular smartcards 150313001
 
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
apidays LIVE Paris 2021 - Identification & Authentication for Individuals wit...
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!
 

More from Damrongsak Kobtakul

Alad k1220 t-g ds-en [1]
Alad k1220 t-g ds-en [1]Alad k1220 t-g ds-en [1]
Alad k1220 t-g ds-en [1]
Damrongsak Kobtakul
 
CoverSpace solution v. 05
CoverSpace solution v. 05 CoverSpace solution v. 05
CoverSpace solution v. 05
Damrongsak Kobtakul
 
CoverSpace : E-tax invoice & e-receipt (version 2.2)
CoverSpace : E-tax invoice & e-receipt (version 2.2)CoverSpace : E-tax invoice & e-receipt (version 2.2)
CoverSpace : E-tax invoice & e-receipt (version 2.2)
Damrongsak Kobtakul
 
CoverSpace cloud VS physical sever
CoverSpace cloud VS physical severCoverSpace cloud VS physical sever
CoverSpace cloud VS physical sever
Damrongsak Kobtakul
 
CoverSpace cloud (iaas only)
CoverSpace cloud (iaas only)CoverSpace cloud (iaas only)
CoverSpace cloud (iaas only)
Damrongsak Kobtakul
 
Cover space solution v. 02
Cover space solution v. 02 Cover space solution v. 02
Cover space solution v. 02
Damrongsak Kobtakul
 

More from Damrongsak Kobtakul (6)

Alad k1220 t-g ds-en [1]
Alad k1220 t-g ds-en [1]Alad k1220 t-g ds-en [1]
Alad k1220 t-g ds-en [1]
 
CoverSpace solution v. 05
CoverSpace solution v. 05 CoverSpace solution v. 05
CoverSpace solution v. 05
 
CoverSpace : E-tax invoice & e-receipt (version 2.2)
CoverSpace : E-tax invoice & e-receipt (version 2.2)CoverSpace : E-tax invoice & e-receipt (version 2.2)
CoverSpace : E-tax invoice & e-receipt (version 2.2)
 
CoverSpace cloud VS physical sever
CoverSpace cloud VS physical severCoverSpace cloud VS physical sever
CoverSpace cloud VS physical sever
 
CoverSpace cloud (iaas only)
CoverSpace cloud (iaas only)CoverSpace cloud (iaas only)
CoverSpace cloud (iaas only)
 
Cover space solution v. 02
Cover space solution v. 02 Cover space solution v. 02
Cover space solution v. 02
 

Recently uploaded

Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdfSearch Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Arihant Webtech Pvt. Ltd
 
Improving profitability for small business
Improving profitability for small businessImproving profitability for small business
Improving profitability for small business
Ben Wann
 
LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024
Lital Barkan
 
Digital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and TemplatesDigital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and Templates
Aurelien Domont, MBA
 
The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...
balatucanapplelovely
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
Erika906060
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Navpack & Print
 
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).pptENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
zechu97
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
LR1709MUSIC
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
Bojamma2
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
Falcon Invoice Discounting
 
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptxCADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
fakeloginn69
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
agatadrynko
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
seri bangash
 
20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf
tjcomstrang
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
zoyaansari11365
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
Operational Excellence Consulting
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
creerey
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
seoforlegalpillers
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
Adam Smith
 

Recently uploaded (20)

Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdfSearch Disrupted Google’s Leaked Documents Rock the SEO World.pdf
Search Disrupted Google’s Leaked Documents Rock the SEO World.pdf
 
Improving profitability for small business
Improving profitability for small businessImproving profitability for small business
Improving profitability for small business
 
LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024LA HUG - Video Testimonials with Chynna Morgan - June 2024
LA HUG - Video Testimonials with Chynna Morgan - June 2024
 
Digital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and TemplatesDigital Transformation and IT Strategy Toolkit and Templates
Digital Transformation and IT Strategy Toolkit and Templates
 
The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...The effects of customers service quality and online reviews on customer loyal...
The effects of customers service quality and online reviews on customer loyal...
 
Attending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learnersAttending a job Interview for B1 and B2 Englsih learners
Attending a job Interview for B1 and B2 Englsih learners
 
Affordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n PrintAffordable Stationery Printing Services in Jaipur | Navpack n Print
Affordable Stationery Printing Services in Jaipur | Navpack n Print
 
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).pptENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
ENTREPRENEURSHIP TRAINING.ppt for graduating class (1).ppt
 
FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134FINAL PRESENTATION.pptx12143241324134134
FINAL PRESENTATION.pptx12143241324134134
 
The-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic managementThe-McKinsey-7S-Framework. strategic management
The-McKinsey-7S-Framework. strategic management
 
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-indiafalcon-invoice-discounting-a-premier-platform-for-investors-in-india
falcon-invoice-discounting-a-premier-platform-for-investors-in-india
 
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptxCADAVER AS OUR FIRST TEACHER anatomt in your.pptx
CADAVER AS OUR FIRST TEACHER anatomt in your.pptx
 
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdfikea_woodgreen_petscharity_cat-alogue_digital.pdf
ikea_woodgreen_petscharity_cat-alogue_digital.pdf
 
Memorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.pptMemorandum Of Association Constitution of Company.ppt
Memorandum Of Association Constitution of Company.ppt
 
20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf20240425_ TJ Communications Credentials_compressed.pdf
20240425_ TJ Communications Credentials_compressed.pdf
 
Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111Introduction to Amazon company 111111111111
Introduction to Amazon company 111111111111
 
Sustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & EconomySustainability: Balancing the Environment, Equity & Economy
Sustainability: Balancing the Environment, Equity & Economy
 
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBdCree_Rey_BrandIdentityKit.PDF_PersonalBd
Cree_Rey_BrandIdentityKit.PDF_PersonalBd
 
What is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdfWhat is the TDS Return Filing Due Date for FY 2024-25.pdf
What is the TDS Return Filing Due Date for FY 2024-25.pdf
 
The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...The Influence of Marketing Strategy and Market Competition on Business Perfor...
The Influence of Marketing Strategy and Market Competition on Business Perfor...
 

CoverSpace : Certificate authority for internal use plus e tax and e-policy01

  • 1. Certificate Authority for Internal Use Plus e-Tax and e-Policy 1, Soi Phutthabucha 2,Phutthabucha Rd., Bangmod Sub district. Jomthong District, Bangkok 10150, Thailand. Tel : +66(0)24278216 Fax : +66(0)24278217 Mobile : +66(0)61-6394914 ,+66(0)86-4144392 Line ID : Ohayo007 COVERSPACE CO., LTD.
  • 3. 3 Real World ID Certificates > Proving who you are in the real world > The government (TTP) vouches for identity > If the certificate looks authentic, identifying marks, as picture, identify the person > Printed to make it hard to forge Name: James Bond Address: Somewhere Date of Birth: 1954 State of Fleming– ID certificate
  • 4. 4 Digital Certificates – Digital ID >A Digital document, containing the public key + identity information, digitally signed by a Certificate Authority (CA). >The public key replaces the photo For digitally verifying the user’s identity. >If the CA is trusted, a Challenge-Response protocol can be used for authentication. Name: James Bond email james@serv.com Public Key: 1f 0a 01 15 96 9a 5a 1c cc ab 1b f1 13 e8 Expiry Date: 3/5/00 CA Name: VeriSign CA Signature: 15 2f 36 1a
  • 5. 5 Real vs. Digital Certificates Name: James Bond Address: Somewhere Date of Birth: 1954 State of Fleming– ID certificate Name: James Bond email james@serv.com Public Key: 1f 0a 01 15 96 9a 5a 1c cc ab 1b f1 13 e8 Expiry Date: 3/5/00 CA Name: VeriSign CA Signature: 15 2f 36 1a > A means of proving identity: In Person / Digitally > The issuer vouches for James’ Identity: The government / a Certification Authority > If the certificate is found authentic, James can be identified by his: Looks (Picture) / Digital Signature (Based on Public Key) > Signed by: Government / the CA
  • 6. 6 Digital Signature > A digital signature is a small amount of data that was created using a Private Key > The user’s own Private Key is used to sign the data > The user’s Public Key is used to verify that the signature was really generated using the corresponding Private Key > Digital signatures are used to verify that a message really comes from the claimed sender … assuming only the sender holds the Private Key corresponding to the verifying Public Key)
  • 7. 7 Features of Digital Signatures > A digital signature should: > Be unforgeable (convince us that Alice signed – origin of data) > Authenticate (prevent anyone from changing the document after it has been signed) > Be hard to copy (remain secure even after seeing many signatures) > Important property – non-repudiation: > The owner of the signature cannot later deny that she signed (provides “proof of order”) > This is essential for electronic commerce and accountability > Digital signatures are messages that are hashed and then encrypted by the private key > The private key is essential for signing > To verify the signature, we must be sure of the Public Key owner’s identity
  • 8. 8 One-Way Hash Algorithms > Reduce a variable size block of data to a small – fixed size value called hash value > Operate one way – the original data cannot be derived from the hash value > The same data will always yield the same hash value > It is very hard to find different data blocks with the same hash value (in reasonable time). Therefore, in reality, different data blocks will yield different hash values. Hashing Algorithm Data 100110101 Hash Value Different Data 011010111 Different
  • 9. 9 Using Hash for Digital Signing Verification (Decryption) Hashing Algorithm Signing (Encryption) Hashing Algorithm 1101011011 Bob (Sender) Alice (Receiver) Plain Text Message + Signature Compare! Bob’s Private Key Bob’s Public Key 1101011011 1101011011
  • 10. 10 Whom Do We Trust? > When doing business, there has to be a body we trust to issue certificates > The trusted party that issues certificates to the identified entities is the Certification Authority (CA). > Policies ensure that every certificate applicant goes through a known procedure that verifies his/her identity > Policies enable clients of the CA to evaluate the amount of trust that can be given to a digital certificate > As a common Trusted Third Party, the CA enables two individuals to trust each other’s authenticity > By holding the CA’s Public Key (Root Certificate), users can validate the signature of certified users – by trusting the authenticity of their public keys.
  • 11. 11 Trusting the Root Certificate > Existing Root certificates can be view through the Content tab in IE Tools Internet Options
  • 12. 12 Internal CA Hierarchy > Root CA > Most trusted certificate > Best security > Least accessibility > Others > With distance from root > Decreasing security > Increasing accessibility Accessibility Security Root CA Intermediate CA1 Intermediate CA2 End Users
  • 14. 14 Industry Challenge: Moving from paper to digital documents improves efficiencies for invoice processing, storage, and retrieval while eliminating the cost and complexity of issuing and storing large amounts of paper based invoices. Security Challenge: To instill confidence in eDocuments security measures must be taken to establish trust as documents change hands, ensure document integrity, and prevent repudiation Role of HSMs: HSMs are the cornerstone for establishing this trust- safeguarding the cryptographic keys that will sign/verify the documents, providing security in the digital process, and ensuring trust across all parties. Benefits: Data is secured and stored to produce electronic evidence. Relieves administrative burden by reducing the risk of human error. Increases productivity for lower overall costs. Moving from Paper to Digital: eDocuments Why are HSMs needed?
  • 15. 15 Secure Digital Documents Why SafeNet HSMs are the right fit for eDocument Schemes SafeNet HSMs offer the robust security capabilities that ensure compliance with the European Directive on Invoicing, Brazil Notal Fiscal (NF-e), and other regulations. SafeNet HSMs are highly secure FIPS 140-2 and Common Criteria certified appliances capable of providing the high entropy key material required in eDocument schemes. Centralizing cryptographic keys and policy management on SafeNet HSMs allows businesses to significantly reduce the administration associated with managing digital signatures in a distributed, disparate fashion. With a secure , high performance, eDocument system in place, organizations are well equipped to integrate digital documents with other backend applications, such as procurement and enterprise resource planning, which can lead to further efficiency and accuracy gains.
  • 16. 16 Deployment Example The role of HSMs in secure eDocument processes
  • 17. 17 Deployment Example The role of HSMs in secure eDocument processes
  • 23. 23 Standard Document System SMTP eMail Server ERP System Receipt Printing Staff Automated Billing System Mass Printing Standard Mail
  • 24. 24 Smartcard Contact, Contactless and Physical Access Supported Solutions > Remote access (VPN) > Network access > Proximity access > Digital signing > Data security > Picture ID Badge Certifications* > FIPS 140-2 certified > Common Criteria certified
  • 25. 25 Digital Sign Policy System SMTP eMail Server Policy System Receipt Printing Users Automated Printing System Mass Printing Standard Mail Traditional Printing System
  • 26. 26 Luna SA HSM SafeNet Luna SA – Network Attached HSM FIPS 140-2 Level 3 and Common Criteria EAL4+ validated Trusted Keys in Hardware Segregated DNS Domain key storage (100 partitions) High Performance – 7,000 tps Key Storage capabilities – Scale 10,000 keys/per HSM
  • 27. 27 Automated Digital Sign Policy System SMTP eMail Server Policy System Receipt Printing Users Automated Printing System Mass Printing Standard Mail HSM Traditional Printing System
  • 29. 29 PDF Signing Diagram Policy System eMail Server HSM Unsigned PDF Signed PDF Signing Software / API Coding Online Customer
  • 31. 31 XML Signing Diagram 01 Policy System eMail Server HSM Unsigned XML Signed XML Signing Software / API Coding Online Customer
  • 32. 32 XML Signing Diagram 02 Policy System eMail Server HSM Signed PDF Signing Software / API Coding Revenue Department Database Online Customer
  • 35. 35 35