Wheels turning with secret keys

[InfoSec News <isn () c4i org>]

http://www.nzherald.co.nz/storydisplay.cfm?storyID=333465&thesection=technology&thesubsection=general

18.12.2001
By ADAM GIFFORD 

The E-government unit of the State Services Commission has opted for
an open Public Key Infrastructure (PKI) standard it hopes will lead to
rapid adoption of encryption technology by Government agencies.

The unit has called for New Zealand and international certification
authorities to apply for accreditation to supply keys or digital
certificates to departments.

"This is an open standard so departments can use a number of smart
cards or USB tokens and certificates from any number of See-accredited
certification authorities," said Secure Electronic Environment (See)  
project manager Mike Pearson.

"Digital certificates can come from several suppliers, as opposed to
requiring them to adopt a proprietary system."

He said the E-government unit would accept the credentials for
certification authorities audited for similar schemes overseas, such
as the Australian Tax Office Gatekeeper project.

"Now we've defined a standard, we are encouraging agencies to adopt
this when they are using web-based applications which need secure
authentication," Mr Pearson said.

The See keys will allow departments to more easily create systems
which share sensitive information across agency boundaries.

By using smart cards of USB tokens, staff will not need to remember
more than one password.

"We think there will be savings because about 40 per cent of helpdesk
calls are normally password related - and usually on Monday morning -
so there will be savings from consolidating log-ins," Mr Pearson said.

"People won't be able to claim someone looked over their shoulder and
stole their password, because the token is needed for access as well."

The first Government application to use See keys will be the
Treasury's CFISnet (Crown Financial Information System).

It is also seen as a key part of the Shared Workspace, a secure
electronic environment for project and policy development across
Government agencies.

"By limiting the scope to authentication of public servants, the
accreditation framework is intended to be low cost for certification
authorities compared with similar frameworks in other countries," Mr
Pearson said.

He said the experience PKI agencies should get using See keys should
help the development of a digital signature standard for government,
which is on the agenda for next year.

Ian Hight, the general manager of Baycorp ID Services, said his
company would apply to become a certification authority.

Baycorp ID Services has a close relationship with Baltimore, one of
the leaders in the digital certificate industry.

Mr Hight said the E-government unit had done a good job developing a
standard.

"It's entirely suitable for the New Zealand marketplace."

The corporate sector was also moving to PKI systems.

"Historically, secure communications has focused on issues such as
intrusion protection, firewalls, virus protection and so on. People
are now asking if that is enough."

Mr Hight said that although PKI systems had mainly been bought by
large organisations, "we are starting to see interest from smaller
companies".



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.