Interoperability Challenge of Certified Communication Systems via Internet

Similar documents
eidas & e-delivery CE Midsummer Conference "The role of policy decisions in the postal & delivery industry", Copenhagen (DK), 12 June 2017

ASEAN e-authentication Workshop Balwinder Sahota

Electronic registered delivery services (ERDS) in light of the eidas regulation. Warsaw Common Sign Conference 2015

e-sens Electronic Simple European Networked Services

Cryptography and Network Security. Sixth Edition by William Stallings

DMR Interoperability Process DMR Association

Draft ETSI EN V1.0.0 ( )

Letter of Understanding (LoU) edelivery alignment between the European Commission and OpenPEPPOL

STORK Secure Identity Across Borders Linked

Electronic and digital signatures in Adobe Sign for government.

Technical Trust Policy

Electronic signature framework

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman

edelivery Tutorial How can CEF help you set-up your edelivery infrastructure? November 2016

NIS Standardisation ENISA view

e-sens Electronic Simple European Networked Services Klaus Vilstrup Pedersen WP6 Manager DIFI, Norway

PAA PKI Mutual Recognition Framework. Copyright PAA, All Rights Reserved 1

eidas Regulation (EU) 910/2014 eidas implementation State of Play

Security by Any Other Name:

eidas Interoperability Architecture Version November 2015

ETSI TC ESI WORK ON ELECTRONIC REGISTERED DELIVERY SERVICES AND REGISTERED ELECTRONIC MAIL

Implementation Guide for Delivery Notification in Direct

esignature Infrastructure Marketing Model

European Interoperability Framework

Send and Receive Exchange Use Case Test Methods

Cross border eservices STORK 2.0

Comparison of Electronic Signature between Europe and Japan: Possibiltiy of Mutual Recognition

SAT for eid [EIRA extension]

eidas Regulation in the context of Cybersecurity: Electronic seals and website certificates: Two sides of a (gold) medal?

Mail Assure. Quick Start Guide

eidas-node Error Codes

SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Telecommunication security. Technical framework for countering spam

ISO/IEC INTERNATIONAL STANDARD

Controlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:

Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 5: REM-MD Interoperability Profiles

Guidance for Requirements for qualified trust service providers: trustworthy systems and products

Interoperability Infrastructure Services

Gateway Certification Authority pilot project

Lightweight Infrastructure for Global Heterogeneous Trust management

EUROPEAN COMMISSION. DIGIT DG CNECT Connecting Europe Facility. SML and SMP. Component Offering Description. CEF edelivery Building Block

SEMI 4845 NEW STANDARD:

eidas Regulation eid and assurance levels Outcome of eias study

CEF eid SMO The use of eid in ehealth. ehealth Network meeting 7 June 2016 Amsterdam

The NIS Directive and Cybersecurity in

Toward Horizon 2020: INSPIRE, PSI and other EU policies on data sharing and standardization

DirectTrust Governmental Trust Anchor Bundle Standard Operating Procedure

Security Aspects of Trust Services Providers

Cloud28+ Compliance in Cross Border Business

The emerging EU certification framework: A role for ENISA Dr. Andreas Mitrakas Head of Unit EU Certification Framework Conference Brussels 01/03/18

simply secure IncaMail Information security Version: V01.10 Date: 16. March 2018 Post CH Ltd 1 / 12

FIPS Management. FIPS Management Overview. Configuration Changes in FIPS Mode

eid building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

Innovation and Cryptoventures. Technology 101. Lee Jacobs and Campbell R. Harvey. February 22, 2017

ehaction Joint Action to Support the ehealth Network

Security and Privacy in Car2Car Adhoc Networks

Direct, DirectTrust, and FHIR: A Value Proposition

Anti-Spoofing. Inbound SPF Settings

EU EHEALTH INTEROPERABILITY,

Overview and Benefits of SEEBURGER AS2 Spokes. Trading Partner Integration Using SEEBURGER'S BIS:AS2 Spoke

SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services Security protocols

THE PROSPECTS OF QUALITY MANAGEMENT INTERNATIONAL STANDARDS AND APPLICATION IN THE UKRAINIAN AGRO-INDUSTRIAL ENTERPRISES

Digital Austria = egov best practice in d Europe

Technical Specification Electronic Signatures and Infrastructures (ESI); Registered Electronic Mail (REM); Part 1: Architecture

CEN & ETSI standards & eidas Compliance

CS 356 Internet Security Protocols. Fall 2013

eidas Regulation (EU) 910/2014 and the Connecting Europe Facility Boosting trust & security in the Digital Single Market

Singapore s National Digital Identity (NDI):

Resilience, Deterrence and Defence: Building strong cybersecurity for the EU

ISO/IEC TR Information technology Security techniques Guidelines for the use and management of Trusted Third Party services

ehealth Network Recommendations on Country Guide for ehealth NCP implementation

Trusted National Identity Schemes. Coralie MESNARD

European Commission Initiatives in telemedicine Presentation endorsed by the European Commission

e SENS Pilots of eid, esignatures and Trusted Services

Digital Single Market Strategy for Europe

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Interoperability & Archives in the European Commission

Technical Overview. Version March 2018 Author: Vittorio Bertola

Securing, Protecting, and Managing the Flow of Corporate Communications

ITU-T Y Next generation network evolution phase 1 Overview

MUTUAL RECOGNITION MECHANISMS. Tahseen Ahmad Khan

Forward set up. Technical team

DIGITALSIGN - CERTIFICADORA DIGITAL, SA.

ENISA Cooperation in the EU / NIS Directive

Semantic Interoperability of Basic Data in the Italian Public Sector Giorgia Lodi

Electronic ID at work: issues and perspective

Vendor: Cisco. Exam Code: Exam Name: ESFE Cisco Security Field Engineer Specialist. Version: Demo

PCI DSS and VNC Connect

Authentication GUIDE. Frequently Asked QUES T ION S T OGETHER STRONGER

ENHANCING CROSS-BORDER EID FEDERATIONS BY USING A MODULAR AND FLEXIBLE ATTRIBUTE MAPPING SERVICE TO MEET NATIONAL LEGAL AND TECHNICAL REQUIREMENTS

DRAFT REVISIONS BR DOMAIN VALIDATION

1) Revision history Revision 0 (Oct 29, 2008) First revision (r0)

Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria

Introduce the major evaluation criteria. TCSEC (Orange book) ITSEC Common Criteria

AN IPSWITCH WHITEPAPER. 7 Steps to Compliance with GDPR. How the General Data Protection Regulation Applies to External File Transfers

eidas-compliant signing of PDF

INFORMATION EXCHANGE GATEWAYS: REFERENCE ARCHITECTURE

Privacy Statement for Use of the Trust Service of Swisscom IT Services Finance S.E., Austria

Network and Information Security Directive

e-submission Quick Reference Guide for Economic Operators

Transcription:

Interoperability Challenge of Certified Communication Systems via Internet Marina Buzzi, IIT-CNR, marina.buzzi@iit.cnr.it Francesco Gennai, ISTI-CNR, francesco.gennai@isti.cnr.it Claudio Petrucci, Agid, petrucci@agid.gov.it egose 2017, 4-7 Sept, ITMO University, St.Petersburg

Agenda Introduction Motivation Certified Communication Systems (CCS) Related Work The Model: Generic CCS (GCCS) Idea Logical scheme Main functions Conclusion

Motivation Developing the full potential of Information and Communication Technology (ICT) can greatly innovate society in a number of sectors ecommerce, egovernment, ehealth, Lack of interoperability and adherence to international standards heavily impacts on economic growth and competitiveness

Certificated Communication Systems (CCS) Several countries have adopted systems to certify communications via Internet CCSs (Certified Communication Systems): Certified Electronic Mail (CEM) systems based on smtp protocol (simple message transfer protocol) Certified systems based on the Hypertext Transfer Protocol (HTTP)

CCS Systems European CCS systems rely on different protocols and formats Interoperability is necessary to enable the exchange of messages between users of different domains Certified/Registered Electronic Mail (CEM/REM) systems (SMTP) PEC (Posta Elettronica Certificata, Italy) DE-MAIL (German DeMail) SI Post (Moja.posta.si Slovenia) AU-DSS (Austrian Document Delivery System) Digital Post in Denmark Sikker Digital Post in Norway Mina meddelanden in Sweden Web-based systems: 1) Universal Postal Union (UPU) developed Postal Registered Electronic Mail Prem 2) PEPPOL (Pan-European Public eprocurement On-Line), for document exchange between Public Administrations, funded by EU

Generic CCS model Challenge: to build worldwide interoperability between certified communication systems The Generic CCS model (GCCS): an open solution to redefine closed CCS systems

CCS CCS systems certify the source of a message Today this is also possible thanks to standard mechanisms available on the Internet SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting and Conformance), Requirements of certification often address also specific needs internal to countries (governmental) "closed" CCSs are different from each other, although solve exactly the same class of problems

CCS identification of the source not of the sender (satisfied by EIDAS specification, eidas electronic IDentification, Authentication and trust Services for electronic transactions) server-user acceptance notification delivery notification server-server notification email communications moving between different providers in the same CCS infrastructure

Generic CCS Idea: to publish a generic specification for describing CCS systems usable as common rules for immediate interoperability between worldwide Providers To illustrate this model we focus on Certified Email Systems (CEM)

GCCS Model Open, interoperable and scalable solution while minimizing the impact on existing infrastructure To this aim the DNS (Domain Name System) is used to store information for the GCCS functioning common practice to take advantage of the attributes of the TXT record of the DNS SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting and Conformance) specifications Advantage: DNS technology can be used to immediately spread protocol information without the need to define new DNS records, keeping the current DNS structure

Related Work Certified e-mail systems showed usability problems (use of public/private key, certificates, etc.) In 2001, to simplify user interaction and reduce costs, a centralized approach has been proposed to provide cryptography as a network service (Dean et al.) client must trust the cryptoserver (which keeps users private keys) Garfinkel et al. (2005) surveyed 400 vendors via Amazon most participants did not know secure email Segeberg (2009) created plugin for making a certified email system easy to interact Bobba et al. (2009) developed a secure mailing list (Secure Email List Services) providing encryption via proxy

Related Work The European Commission supported the creation of a gateway between different Certified Delivery systems Previous actions for reaching cross-border interoperability have mainly focused on bridging existing systems Within this framework the European Telecommunications Standards Institute (ETSI) defined the Technical Specification Registered Electronic Mail (REM) An ETSI Task Force was set up REM Interchange: e-mail Interchange between Registered E-Mail (REM) systems based on different transmission protocols (2011) To assure the conformity to the eidas Regulation, a new document "Rationalized structure for Electronic Signature Standardization" has been published (2015)

Related Work A comparison of policies to fuel certified communication between public sector and citizens in the Scandinavian countries has been carried out by Jansen et al (2016) Similar solutions in comparable contexts Three countries applied different degrees of coercion ranging from mandatory (Denmark), to nudging (Norway), to voluntary (Sweden) Member States have the possibility of applying more or less restrictive policies Voluntary base was adopted slowly while the mandatory achieved better results fast very important since digitalization of communication lowers costs and improves efficiency

Challenge How to solve CCS interoperability problem without referring to any specific systems in a way that is general enough to redefine any certified communication system

Trusted third party Existing Certified e-mail Providers deliver systems that rely on a trusted third party unsuitable for cross-border application, limit the interoperability (Jansen et al.) Paulin & Welzer propose a certified e-mail system that does not rely on a trusted third party for fair non-repudiation of receipt a protocol splits an encrypted message into a chain of parts, which the recipient gradually acquires, generating proof-of-receipt for each individual part It covers only a part of the problem, since it misses the description of a mechanism for abstracting the specific CEM systems in a general public profile

Generic CCS (GCCS) Conceptual openness it specifies a generic model and attribute language to redefine the current CCS functionally equivalent in terms of functions, reliability and degree of security to the original taking advantage of IETF standards Each CEM system could be described by a specific CCS profile It is necessary to create a set of public standard Generic CCS profiles profiles A, B, C, etc. with different levels of security and functions Any provider adopting one of these public profiles can interoperate with any providers adopting the same level of profile without any agreement

GCCS A set of properties that CEM systems would satisfy to be incorporated in the GCCS policy are (Tauber): Non-repudiation of origin (NRO) if the protocol offers evidence against the false denial of having originated the message Non-repudiation of receipt (NRR) if the protocol provides evidence against the false denial of having received the message Non-repudiation of submission (NRS) if the protocol provides evidence against the false denial of having submitted the message Non-repudiation of delivery (NRD) if the protocol provides evidence against the false denial of having delivered the message

GCCS We propose to define a specification using simple language to define a list of attributed value pairs and by adding the definition of some email headers These pairs (attribute, value) are added into TXT records of DNS systems, according to RFC 1464

GCCS Taking advantage of Internet "mechanisms (DNSSec, TXT DNS records, etc.) is possible to define a set of generic abstract rules to describe the behavior of each existing CCS system By using the GCCS (Generic Certified Communication System) rules it is possible to define a generic interface to each of the worldwide CCS systems (national/ government) enabling interoperability between them In the case of two generic ISPs, the independent adoption (not coordinated) of a system compliant with a GCCS profile would mean that the communication between users belonging to these providers would be of the CCS type

GCCS The GCCS defines the technical rules through which each provider declares (via DNS TXT record) Features, level of security (X.509 certificates, CA, DNSSec, etc.), protocols (SMTP, HTTP), timeouts, etc. Profiles establish a minimum level (of functionality, security, etc.) that a particular provider must support in order for a communication to be considered belonging to this CCS type existing CCS systems may be "mapped" on GCCS systems, through the definition of their own functional and security profile

Old CCS CCS DNS Old CCS GCCS Gateway... Old CCS GCCS communication Record MX, TXT National CCS attributes Certificates, public keys CCS Internet GCCS communication Old CCS DNS Record MX, TXT National CCS attributes Certificates, public keys CCS Old CCS CCS GCCS Gateway... Old CCS

GCCS New CCS servers conforming to a GCCS profile are able to communicate directly Old CCS servers (governmental) communicate through a GCCS gateway All CCS servers perform DNS Queries and rely on standard Internet Communications The gateway is able to convert email formats and notifications between a national CCS and external GCCS In alternative it would be possible to identify a common GCCS profile able to try to incorporate all CEM systems

Sender s PEC domain Func,onal schema of PEC 1 message wri,ng, connec,on to the provider 2 user iden,fica,on, formal and security check 4 envelope and sending Receiver s PEC domain 5 origin, integrity, formal and security check 3 Acceptance no,fica,on 7 delivery in the mailbox (electronic address of the receiver) 6 take in charge receipt 8 sent delivery receipt 9 message reading

GCCS A policy can be defined with attributes, defining conditions in incoming and outgoing flows some degree of degradation can be accepted according to the organization/user needs and communicated to the end users The profile can incorporate this policy to establish which one of the declared features and functions (TTP, what TTP certifies, time-outs, etc.) are mandatory or optional and what actions the server has to perform in case one of the mandatory features is not present in the destination or originator GCCS system

Trusted third party (TTP) In the trusting models a "trusted third party (TTP) certifies the participating parties and ensure compliance with common management and operation policies Certification Authority Technology behind the trusting model of a CA -- consisting of public-key signature algorithms, X509 certificates and other technical specifications -- can work even in the absence of the Certification Authority (TTP), obviously with different results from a semantic point of view (trusting) Technology is a basis on which to optionally activate a system of electronic signatures "trusted" throughout the introduction of a CA In the same way, the GCCS model can run without the need of a TTP in a less trusting fashion

Generic CCS system Each provider publishes its working profile (including the security policy) on the DNS (txt record) The GCCS server would be able to: Determine whether a destination domain is a GCCS or standard Internet email Identify the provider of a GCCS domain Identify the profile of the GCCS Provider (working attributes of timeouts, message and notification format) Obtain public keys of any other GCCS provider Obtain any e-mail addresses needed for operational purpose (e.g., e-mail addresses for server-to-server acceptance notifications)

Generic CCS system Each CCS must publish its own public key in the DNS The provider must publish their list of managed CCS domains (record TXT) These functions could be certified by TTPs to add stronger security features (NRO, etc.). This assures flexibility in the interoperability of non-homogeneous CCSs, i.e., one belonging to a TTP and one not All Providers belonging to the same TTP realize a CEM system, according to the TTP specification The TTP publishes the working profile (including the security policy) of the CCS system on the DNS (txt record) In this case the attributes published by TTP overwrite those published by the provider

Conclusion This study suggests a conceptual model to support and fuel worldwide interoperability of Internet Certified Communication Systems (CCSs) worldwide The proposed model has to be validated two different CCSs have to share their technical specifications in order to define a common profile

Questions? Thanks

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback