Скачать презентацию OEWG 09 -06 -2011 Review existing Methods already Скачать презентацию OEWG 09 -06 -2011 Review existing Methods already

e91c99592ac25791c8a33f3f58d2448c.ppt

  • Количество слайдов: 26

OEWG 09 -06 -2011 Review existing Methods already in place for exchange of data OEWG 09 -06 -2011 Review existing Methods already in place for exchange of data - General Introduction Lex Moret, EL&I the Netherlands •

Client Program (Certification of Agricultural Goods at Im and Export to a new future) Client Program (Certification of Agricultural Goods at Im and Export to a new future) • • • Import (2002 -2004) Export (2004 -2010) E-certification (2010 -2011) 2

E-Certification • • • Export Certification Kenya UNCTAD Pilot Republic of Korea Pilot China E-Certification • • • Export Certification Kenya UNCTAD Pilot Republic of Korea Pilot China (Pilot USA) 3

Paradigms • • • Use (defacto) standards Use solutions created by other countries (New Paradigms • • • Use (defacto) standards Use solutions created by other countries (New Zealand) Create new solutions Versatile systems (support for multipe Standards) Reduce administrative burdens for the private sector 4

XML XML

Digital Signature XML Equivalent of a stamped signature 1. Binding to a person (or Digital Signature XML Equivalent of a stamped signature 1. Binding to a person (or organisation) 2. Difficult to copy

Electronic Signature (Digital Evidence) • • • Authentication Integrity Non-repudiation In any step of Electronic Signature (Digital Evidence) • • • Authentication Integrity Non-repudiation In any step of the lifecycle 7

Diagram showing how a simple digital signature is applied and then verified Diagram showing how a simple digital signature is applied and then verified

9 9

Standard ECONOMIC COMMISSION FOR EUROPE COMMITTEE ON TRADE Centre for Trade Facilitation and Electronic Standard ECONOMIC COMMISSION FOR EUROPE COMMITTEE ON TRADE Centre for Trade Facilitation and Electronic Business TBG “Security Project” hosted by TBG 6 Recommendation No. 37 Digital Evidence Certification Recommendation SOURCE: The Chair ACTION: Review before further iteration of Open Development Process Step 5 – Public Review STATUS: Proposed Publication Draft 11

Decisions Signature type • XML Dsig (W 3 c) (NL signing server) • XAd. Decisions Signature type • XML Dsig (W 3 c) (NL signing server) • XAd. ES/BES XAd. ES-T • XAd. ES-C • Etc. • DEC-R (recommended by TBG 5) 12

Decisions Hashing Algorithm • SHA-1 • SHA-256 (NL signing server) • Etc. Signature/document relationship Decisions Hashing Algorithm • SHA-1 • SHA-256 (NL signing server) • Etc. Signature/document relationship • Enveloping (NL signing server) • Enveloped 13

Functions Digital Signature Certificate Mastering System (CMS) • Acces Control + audit trail • Functions Digital Signature Certificate Mastering System (CMS) • Acces Control + audit trail • Search XML DBMS • Download • Update (status) • Monitor

Functions Technology : Webservices (SOAP) • Acces Control : UN/PW • Implemenation : WSDL Functions Technology : Webservices (SOAP) • Acces Control : UN/PW • Implemenation : WSDL (tbd) • 17

Webservices (example CMS NL) based on NZ and Korea 18 Webservices (example CMS NL) based on NZ and Korea 18

BUSINESS REQUIREMENTS SPECIFICATION (BRS) Business Domain: Government to Government electronic certification for traded agricultural BUSINESS REQUIREMENTS SPECIFICATION (BRS) Business Domain: Government to Government electronic certification for traded agricultural commodities Business Process: Electronic transmission of data exchanged between government inspection and quarantine authorities involved in border Document Identification: Export Certificate Title: E-cert BRS UN/CEFACT International Trade and 19 Business Processes Group: TBG 15

Ⅱ. Business Process Status Transition Initial Border Inspection – Permitted States for Transition Acknowledge Ⅱ. Business Process Status Transition Initial Border Inspection – Permitted States for Transition Acknowledge d Approved By SOAP Client of Import Agency By Border Inspector Accepted Replaced Rejected Withdrawn To. Be Replaced Detained Request Replacement Authorised Revoked

Functions Network (Internet Digital Signature XML Secure Acces by foreign NPPO (HTTPS with 128 Functions Network (Internet Digital Signature XML Secure Acces by foreign NPPO (HTTPS with 128 bit SSL)

Inspection Panning System Export Certiffication System Signing & Verification System Architecture NL (SOA) Certificate Inspection Panning System Export Certiffication System Signing & Verification System Architecture NL (SOA) Certificate Mastering System

Korea import from. . Internet KOREA e. Cert system Certificate data Request SOAP Server Korea import from. . Internet KOREA e. Cert system Certificate data Request SOAP Server Certificates Information Certificate Mastering System(CMS) DB Verfication server Importing Country Request e. Cert Response(XML) Exporting Country SOAP Server Request (Result Status update) Request SOAP Client Network SOAP Client Plant Quarantine Information System (PQIS) Result Response(update result) Signing server acknowledge_certificate accept_certificate reject_certificate detain_certificate request_replacement_certific ate. Signing server accept_certificate reject_certificate detain_certificate request_replacement_certifica te 23 Import Inspector - Register the result

And not to forget …. . • • Emergency Procedures Disaster Recovery procedures 24 And not to forget …. . • • Emergency Procedures Disaster Recovery procedures 24

Interesting URL’s Creating Signing services : http: //www. oasisopen. org/committees/tc_home. php? wg_abbrev=dss Testing signing Interesting URL’s Creating Signing services : http: //www. oasisopen. org/committees/tc_home. php? wg_abbrev=dss Testing signing services : http: //www. globaltrustfinder. com/XMLUs UN Recommendation on E-signatures: http: //www. uncitral. org/uncitral/en/uncitral_texts/electronic_commerce/2001 Model_si gnatures. html UN/CEFACT Recommendation No. 37: Signed Ditial Evidence Interoperability Recommendation, submitted for approval by the Architecture, Engineering and Construction Working Group – TBG 6, 27 september 2010 25

Questions ? A. J. Moret Projectmanager Client International – NL +31653297989 A. J. Moret@MINLNV. Questions ? A. J. Moret Projectmanager Client International – NL +31653297989 A. J. Moret@MINLNV. nl 26