Subject: US e-Gov dep. turns to gateway PKI
Pages 11-13 of the following document, which was
presented at PKI Workshop 2005, show that the gateway security model is alive
and well also in the US (in northern Europe it is already a de-facto
standard):
Why the DOH has come to the conclusion to use this
model rather than the end-to-end security model supported by the US Federal PKI, I
don’t know as I did not attend the workshop. However, recent studies in this
space point to numerous reasons for taking this route, including cost and
migration issues. But probably the major reason for abandoning the end-to-end
security model is due to its inability to support collaborative
inter-organizational business processes and information systems as the following
papers outline:
http://w1.181.telia.com/~u18116613/A.R.AppliedPKI-Lesson-1.pdf
http://w1.181.telia.com/~u18116613/A.R.AppliedPKI-Lesson-2.pdf
Long (winding) paper describing more of the
rationale behind the gateway/domain PKI model:
An extensible sustainable solution
Although not entirely obvious unless you dig deep,
the gateway security architecture is not an “interim” solution waiting for the
real thing (client-side PKI), but rather a very flexible scheme that can “host”
arbitrary other PKI through “PKI tunneling”.
Smart cards – A fading proposition
Furthermore, this scheme will long-term also likely
affect client-side security by utilizing smart devices rather than smart cards
in order to make full use of the power of server-level (“virtual”) resources
like VISA’s 3D Secure. This will enable the public sector to replace their
current quite expensive and hard-to-administer purchasing cards, with in-house
server-based administration facilities not requiring any kind of end-user
distribution as well as offering much better control of purchases.
Anders Rundgren
Located in the EU, working for a US company, but
here expressing my personal opinion