The Identrus System PKI FORUM- Dublin JOHN G BULLARD MANAGING DIRECTOR PARTICIPANT RELATIONS 27 th June 2000 www. identrus. com
Market Opportunity
Financial Institutions as Trusted Third Parties ……. Trust and Risk are closely connected……. . Systems of Trust are only as viable as the processes they are based upon… • • • Keys/certificates issued indiscriminately erodes trust Certificate Issuers should know the recipients Certificate Issuers should financially endorse Identities Issuers recognized as trustworthy enhance the utility A sophisticated technology capability is required Processes and systems are required to initially validate personalities prior to issuance, validate & verify on an ongoing basis, and communicate changes in privilege Banks Already … å are positioned as trusted intermediaries in traditional commerce {Signature Guarantors; Payments} å have extensive experience in deploying and managing robust security solutions to customers {Funds Transfer; Online Treasury Workstations} å are beginning to deploy certificates for use when customers desire to access their banks’ payments network {Broadening the acceptability of bank certificates provides seamless connectivity between the buying process and the payments environment} å have broad customer reach {Large Corporate; Middle Market, Small Business}
IDENTRUS RELATIONSHIPS INVESTORS TEC. VENDORS HR, PREMISES ETC. IDENTRUS LLC SOL. PARTNERS CUSTOMERS’ CUSTOMERS
Identrus Foundation § International trust infrastructure § Based on Public Key Infrastructure (PKI) technology. § Leverages Financial Institutions for global distribution and local presence. § End-user certificates provide for Identity of transacting parties, Message integrity, and non-repudiation. § Financial Institutions globally are engaging to participate in the Identrus network
Our Market Thesis As agents of trust, managers of risk, and enablers of commerce, financial institutions are uniquely positioned to provide CA services to buyers and sellers and make digital certificates an integral part of the global electronic commerce marketplace.
United States Federal Reserve Board Order. . . Proposed Activities Identrus is a joint venture among Notificants and other commercial banks and foreign banking organizations. Under the proposal Identrus would act as the global rulemaking and coordinating body for a network of financial institutions that would act as CAs and therby provide services designed to verify or authenticate the identity of customers conducting financial and nonfinancial transactions over the Internet and other “open” electronic networks. To provide these services, Identrus and its network of participating financial institutions (the “Identrus System”) would utilize digital certificates and digital signatures created through the use of public key cryptography. … Conclusion Based on the foregoing and all the facts of record, the Board has determined that the proposal should be, and hereby is, approved. … By order of the Board of Governors, effective November 10, 1999 Voting for this action: Chairman Greenspan, Vice Chairman Ferguson, and Governors Kelley, Meyer, and Gramlich, USA.
HIERARCHICAL PKI
GLOBAL LEGAL FRAMEWORK. : . INT’L CONTRACT LAW.
REAL TIME VALIDATION & WARRANTY…. . .
SYSTEM-WIDE RISK MANAGEMENT METERING….
Opportunity- the end customer does not want a fistful of cards- just simplicity, transparency and reliability EC Applications u u u Financial Services Online Auction Markets Electronic Content Delivery Insurance Sales & Contracts Securities Trading Government Filings, Procurement, etc. u u u ACH Payments Corporate Purchasing International Trade Letter of Credit Statement Delivery Others Global Trust Identity Certificate
Where is Trust required? How much certainty required at each stage? Buyer Find Trading Partner Bid/ Selection Obtain Credit Contracts/ Purch. Logistics Order Pay / Settle Bank Emerging Online Trust Roles Bank Seller Find Trading Partner Offer/ Accept Assess Credit Contracts/ Purch. Logistics Order Pay / Settle Traditional Trust Role
Where we stand: Customer Usage/Pilots • Pilots underway: – Cisco – Commercial Leasing – Allianz – Insurance Contract Administration – Siemens – Online Procurement/Computer Sales – Com. Lease – Equipment Leasing – SAP – My. SAP – Single Sign-on and STP for ERP – e. Bx – Bill Presentment and Payment Many others finalizing details with their sponsor banks – Auction Sites/Online Markets/Exchanges – Corporate Purchasing – E-Letters of Credit – E-Payments
Identrus System Documentation Policy documents Technical documents Legal documents Other documents Operational documents
Risk Management Approach Security/Technology • Infrastructure specifications • Security specifications • Exposure Management Risk Controls Allocation • Customer Agreements • Participant Agreements • Collateral Agreements • Claims and Dispute Resolution Procedures Monitoring, Procedures & Practices • Controls and Practices • Minimum Operating Requirements • Collateral and Cap monitoring
System-wide Roles & Responsibilities Contracts & Procedures Root Certificate Authority (CA) Identrus Root CA OCSP Resp. & Repository Risk Mgmt Module Transaction Coordinator Relying Participant Issuing Participant OCSP Responder & Repository Certificate Authority Subscribing Customer OCSP Responder & Repository Risk Management Module Transaction Coordinator Client App Purchasing Manager (Certificate Holder) Certificate Authority Business to Business Client App Interactions (Relying Party) Seller Relying Customer
Summary • The Identrus System allows for a Global Electronic Marketplace • FI’s issued Digital Certificates for authenticating Businesses, Employees and Application Servers • Identrus focused on Identity risk management services – Validation, Warranty, Authorization, etc. • Partnership approach is key to building a robust highly interoperable business system
For additional information about the Identrus: www. identrus. com Or email to: info@identrus. com 12
Скачать презентацию The Identrus System PKI FORUM- Dublin JOHN G
0501e868345d4997abb354c0ee611c35.ppt