Post on 26-May-2020

  • Digicert Sdn. Bhd. Copyright 2014 - Commercial In Confidence - PAGE 1

    Building Trust and Confidence in Asia – PKI in Action

    Nik Khairul R A Digicert Sdn Bhd, MALAYSIA

    17 December 2014

    Asia PKI Consortium 2014 Grand Mercure Fortune Bangkok, Thailand

    Agenda

    1. Business Drivers for Building TRUST

    2. Challenges : Building the TRUST

    3. Moving Forward : Gaining The TRUST

    4. About Us

    1 Business Drivers for Building TRUST in Electronic ID (PKI) adoption

    Enabling of e-Services (Counter to Online)

    1. Gov./Business services are still provided over the counter and require physical presence.

    2. This is due to the lack of an effective method to establish trust over digital networks.

    3. The need for trust establishment to advance e-Services in light of the existing and emerging realities.

    4. Evolving forms of identities to address these issues : digital identities and the role of PKI technology.

    Dubai My E-Identity

    Moving Forward As Competitive Nation

    India : More on Moving Forward

    Malaysia : From Counter to Online (New Direction)

    Government PKI

    20,000+ subscribers

    E-Government 3.5+ Million subscribers

    150,000+ subscribers

    250K+ subscribers

    BNM & CIMB

    Income Tax

    Licensed Certificate Authority since 1998

    5 million eID

    E-Procurement

    2 Challenges Building the Trust via PKI

    TRUST !

    How We Gain the Trust

    1. As an Authority – elected or mandated by committee or government

    2. As an Expert – based on work and track record, thus gaining confidence

    3. As a Genuine Entity – the most challenging, but not impossible: by demonstrating true sincerity in contributing good to mankind, NOT for personal gain or for certain groups.

    Nurture the Trust Together

    Time Stamp / Digital Signature

    WHEN? WHO? WHAT?

    To enhance the authenticity of a digital document to match that of a paper document, “Evidence” is required to prove the fact that the digital data were exchanged to a third party.

    It is difficult to prove the certainty of your own time.

    Time used in Time Stamp: Standard Time, which is maintained and managed by the National Time Authority, can be used to countermeasure for settlement as a presumption.

    Time used in Digital Signature: your computer clock.

    TRUST : More Than This!
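The difference between the two time sources above, as an added sketch that is not part of the original slides: a signature carrying the signer's own clock value verifies even when backdated, while a time-stamp authority binds its own clock to the hash of that signature. The keys are textbook RSA over known primes (insecure, illustration only); the names `SIGNER`, `TSA`, `tsa_stamp` and the sample times are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Textbook RSA from two known Mersenne primes: illustration only, not secure."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

SIGNER = make_key(2**127 - 1, 2**521 - 1)  # hypothetical document signer
TSA = make_key(2**107 - 1, 2**607 - 1)     # hypothetical time-stamp authority

def digest(*parts):
    inner = b"".join(hashlib.sha256(p).digest() for p in parts)
    return int.from_bytes(hashlib.sha256(inner).digest(), "big")

def rsa_sign(key, *parts):
    n, d = key
    return pow(digest(*parts), d, n)

def rsa_verify(n, sig, *parts):
    return pow(sig, E, n) == digest(*parts)

def signer_sign(doc, claimed_time):
    # WHO and WHAT are bound by the key; WHEN is whatever the signer's clock says.
    return {"time": claimed_time, "sig": rsa_sign(SIGNER, doc, claimed_time.encode())}

def verify_signed_doc(doc, signed):
    return rsa_verify(SIGNER[0], signed["sig"], doc, signed["time"].encode())

def imprint(signed):
    # Hash of the signature value: the only thing sent to the TSA.
    return hashlib.sha256(str(signed["sig"]).encode()).digest()

def tsa_stamp(message_imprint, tsa_clock):
    # The TSA never sees the document; it signs the imprint plus its own clock.
    return {"imprint": message_imprint, "time": tsa_clock,
            "sig": rsa_sign(TSA, message_imprint, tsa_clock.encode())}

def verify_timestamp(signed, token):
    """Return the TSA-attested time, or None if the token does not cover this signature."""
    ok = rsa_verify(TSA[0], token["sig"], token["imprint"], token["time"].encode())
    if token["imprint"] != imprint(signed) or not ok:
        return None
    return token["time"]

# Constructed sample: a signature backdated by setting the local clock to 2010.
DOC = b"purchase order 0001 (constructed sample)"
BACKDATED = signer_sign(DOC, "2010-01-01T00:00:00Z")
TOKEN = tsa_stamp(imprint(BACKDATED), "2014-12-17T09:00:00Z")
```

The backdated signature passes `verify_signed_doc`, so only the token's time is evidence of WHEN; production systems use RFC 3161 time-stamp tokens for this role.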

    Right Business Model in the Right Ecosystem

    [Diagram labels: Citizen/Client Service Requirement; Information Services; Transactional Services; Requirement Submission; Service Fulfillment; IDENTIFICATION; Online Service; Over The Counter; Instant Service; Deferred Service; SERVICE DELIVERY]

    [Stakeholders: Government/Companies; Vendors @ Technology Providers; Application Providers; User Entities]

    Many stakeholders need to be taken care of! Everybody wants their share

    Case Study : E-SCROLL

    Senate Date

    VC Digital Signature with Timestamp

    Registrar Digital Signature with Timestamp

    Web address to verify e-Scroll & Disclaimer

    • University Malaya embarked on the e-SCROLL project in 2013

    • In PDF format.

    • Issued about 6K – 10K e-scrolls every year

    Real Case : Halal Traceability with eID & Signatures

    [Diagram labels: Slaughterhouse; Warehouse; Transportation; Kitchen; Retail & Manufactured Food; Restaurant]

    The Remaining Challenge : Bringing People, Process and Technology Together To Unlock the True Value of Information Centric Security

    3 Moving Forward Gaining the TRUST

    Components in Building Trust for PKI Ecosystem

    1. Right Applications
       • ‘Killer Apps’ or at least easy to use
       • Strong support from stakeholders

    2. Trusted Application
       • Honest / Reputable Application Provider
       • Good software application
       • Strong support from both management & technical

    3. Correct Business Model
       • Attractive, and everybody gets the card
       • Need not necessarily be cheap

    4. Awareness, awareness, awareness
       • Understand the cultural challenges
       • All stakeholders must understand, appreciate and support

    To assure that your most valuable assets are not compromised and remain usable anywhere, regardless of where they are going

    Information Centric Analogy

    1. To Get the TRUST

    YOU NEED TO CONTRIBUTE FIRST.

    2. To Get the TRUST : Start With SIMPLE THING

    1. In digital networks, you need a key to identify yourself, i.e. userid & password.
       • eID is your userid account.

    2. To be more trusted, you need a password-protected* digital certificate (issued by a trusted party).
       • eID is your digital certificate

    eID

    eID implementation can address

    Confidentiality, Authentication, Integrity, Accountability (eID / PKI)

    As common platform that consolidates current and future government/state/organization of eID implementation for any applications and…

    Visual Signature Initiative for Promoting Paperless

    1. Private key with Visual Signature implementation method.

    2. The private key stored in the soft-certificate is activated using the correct password.

    Digital TRUSTMARK on Client’s PO PDF Doc Serial Number ID 13041112

    Finance Department Approval Digital Seal (with digital signature & timestamp)

    Finance Director Signature with Timestamp

    3. To Get the TRUST : Persistence & Keep Improving

    Year 2000 - 2001
    • Tax Payer prints out and fills up Tax Return Form (Adobe Format) from LHDNM website

    Year 2002
    • Tax Payer can download Tax Return Form and do e-filing
    • Tax Payer still needs to print and sign the form manually before submitting the form via post or over LHDNM counter

    Year 2003 Onwards
    • Submission of e-Filing Tax Return Form Online
    • MS Excel & My Kad

    Year 2005 - 2007
    • Soft Certificate
    • Active X Download
    • Adobe Forms
    • Traditional ASP Web Page

    Year 2008 Onwards
    • Submission of e-Filing Tax Return Form Online with the use of PKI Roaming, ASP.NET web page and web services
    • Tax Agent eFiling System (TAeF)

    Year 2010
    • Batch Submission using Host to Host Application (HTHA) Web Service

    Year 2011 Onwards
    • WCF Services
    • TAeF Module separated from main system

    Year 2012 Onwards
    • Organizational e-Filing (OeF)
    • m-Filing for e-BE

    Our journey implementing Income Tax Application for 10 years

    Moving Forward ...

    eID

    4. Our Thoughts for Creating eID/PKI Ecosystem for Asia

    1. Start small with good application – Good Business Case

    2. Trust Establishment – Simple Baseline (Point-to-point) i.e.