The LEFIS UNIZAR PKI as a Case The LEFIS UNIZAR PKI as a Case of Identification of Identification ManagementManagement at a at a

Regional LevelRegional Level

PKI UNIZAR. DevelopmentsPKI UNIZAR. Developments

Previews. BeginningsPreviews. Beginnings

Pki Unizar DevelopmentPki Unizar Development

Future of Pki used by the UniversitiesFuture of Pki used by the Universities

1

2

3

The LEFIS PKI. CausesThe LEFIS PKI. Causes

• Fast growing of New ICTFast growing of New ICT

• Use of ICT without secure protection against risksUse of ICT without secure protection against risks

• Sensible data communications with easy vulnerabilitySensible data communications with easy vulnerability

1

• LEFIS developed its own PKILEFIS developed its own PKI

• Providing digital certificates to membersProviding digital certificates to members

• Use of Open StandardsUse of Open Standards– X.509X.509– SSLSSL– S/MIMES/MIME

The LEFIS PKIThe LEFIS PKI

1

• Construction of PKIs. Past ExperienceConstruction of PKIs. Past Experience– FESTE: from 1997FESTE: from 1997

• NotariesNotaries

– Procurators: from 1997Procurators: from 1997• Justice AdministrationJustice Administration

– Property registers: from 2000Property registers: from 2000• Identification to access to the RegistersIdentification to access to the Registers

– European PKI with juridical institutionsEuropean PKI with juridical institutions• Project Project AEQUITAS. Trust frame for electronic documents exchange AEQUITAS. Trust frame for electronic documents exchange

between european judicial operators.between european judicial operators. Information Society technologies. Information Society technologies. IST-2000-29569 IST-2000-29569

PKI. First StepsPKI. First Steps

1

• Non government organizationNon government organization

• Advanced electronic signature: PKIAdvanced electronic signature: PKI

• https://pki.lefis.orghttps://pki.lefis.org

• Access to Web pages contents and learning resourcesAccess to Web pages contents and learning resources

• 160 certificates160 certificates

• Number of access using public keys from February 2007 to Number of access using public keys from February 2007 to concrete learning resourcesconcrete learning resources– 4500+1250+13604500+1250+1360

Private Area. APTICEPrivate Area. APTICE

1

https://pki.lefis.org/index.php/home , visited on 05/07/2007 , visited on 05/07/2007The LEFIS PKIThe LEFIS PKI

1

The LEFIS PKI. The LEFIS PKI. Step by StepStep by Step

1

Certification Certification AuthorityAuthority

Private KeyPrivate Key Public KeyPublic Key

Signed Signed CertificatesCertificates

UserUser

LEFIS WEBLEFIS WEB

Web, E-mailWeb, E-mail

Registration Registration AuthorityAuthority

PKI LEFIS UNIZARPKI LEFIS UNIZAR

Previews. BegginningsPreviews. Begginnings

Pki Lefis Unizar DevelopmentPki Lefis Unizar Development

Future of Pki used by the UniversitiesFuture of Pki used by the Universities

1

2

3

• As a result of LEFIS PKI successAs a result of LEFIS PKI success

• Main objectivesMain objectives– AuthenticationAuthentication– IntegrityIntegrity– ConfidentialityConfidentiality

• To Provide a Public Key Infrastructure to To Provide a Public Key Infrastructure to University of ZaragozaUniversity of Zaragoza

The LEFIS UNIZAR PKIThe LEFIS UNIZAR PKI

2

• Guarantees effective communications inside the Guarantees effective communications inside the UniversityUniversity

• Privacy and Integrity on Data Protection from its usersPrivacy and Integrity on Data Protection from its users

• Certification AuthorityCertification Authority– Data Protection and Digital Signature Investigation Group Data Protection and Digital Signature Investigation Group

(University of Zaragoza)(University of Zaragoza)

• Registration AuthorityRegistration Authority– University of Zaragoza’s Professors Group (part of the Data University of Zaragoza’s Professors Group (part of the Data

Protection and Digital Signature Investigation Group )Protection and Digital Signature Investigation Group )

The LEFIS UNIZAR PKIThe LEFIS UNIZAR PKI

2

The LEFIS UNIZAR PKIThe LEFIS UNIZAR PKI

2

https://lefis.unizar.es/pki visited on 07/07/2007 visited on 07/07/2007

AdvantagesAdvantages

2

• Applied for a research projectApplied for a research project

• Use of own certificatesUse of own certificates

• Use of Electronic National Identitiy CardUse of Electronic National Identitiy Card

• Access to Public Administration pagesAccess to Public Administration pages

• Foreseen example: the LEFIS virtual campusForeseen example: the LEFIS virtual campus

» ARAR LA PLATA.- SpainLA PLATA.- Spain» BRBR SANTA SANTA

CATARINA.- CATARINA.- BrasilBrasil» DEDE UNIMUENSTER.- UNIMUENSTER.-

GermanyGermany» ESES ULL.- SpainULL.- Spain» ESES UNIZAR.- SpainUNIZAR.- Spain» FIFI ULAPLAND.- ULAPLAND.-

FinlandFinland» FIFI UWASA.- FinlandUWASA.- Finland» LTLT MRUNI.- LithuaniaMRUNI.- Lithuania» PLPL UMK.- PolandUMK.- Poland» PTPT IPBEJA IPBEJA .- .- PortugalPortugal» TRTR ISIKUN.- TurkeyISIKUN.- Turkey» UKUK QUEENS.- UKQUEENS.- UK» OPEN TO NEW INTERESTED PARTNERSOPEN TO NEW INTERESTED PARTNERS

Virtual Campus PartnersVirtual Campus Partners

2

• Spanish BookSpanish Book– On LEFIS Web page, only for owners of the LEFIS private-public keyOn LEFIS Web page, only for owners of the LEFIS private-public key

• Privacy, first book of the LEFIS Serie in preparationPrivacy, first book of the LEFIS Serie in preparation– Will be included on the LEFIS Web page: Access by public key Will be included on the LEFIS Web page: Access by public key

• Online teaching in Faculties of Law: second book Online teaching in Faculties of Law: second book

• Joint courses on the LEFIS Web: A page for the LEFIS Virtual campus Joint courses on the LEFIS Web: A page for the LEFIS Virtual campus (in outcomes)(in outcomes)– Participants from different Universities, teachers and studentsParticipants from different Universities, teachers and students

• Teachers and students need to use the LEFIS public-private keyTeachers and students need to use the LEFIS public-private key– Instructions to generate and obtain the keyInstructions to generate and obtain the key

• https://pki.lefis.orghttps://pki.lefis.org//

PKI AccessPKI Access

2

ComparisonsComparisons

2

Without use of PKIWithout use of PKI

Use of PKIUse of PKI

•Vulnerability of communicationsVulnerability of communications

•Non trusted contentsNon trusted contents

•Repudiation of sent informationRepudiation of sent information

•Vulnerability of our Personal DataVulnerability of our Personal Data

•Secure communications between sender and receiverSecure communications between sender and receiver

•Trusted content integrityTrusted content integrity

•Non repudiationNon repudiation

•Personal Data ProtectionPersonal Data Protection

PKI LEFIS UNIZAR. PKI LEFIS UNIZAR. DevelopmentsDevelopments

Previews. BegginningsPreviews. Begginnings

Pki Lefis Unizar DevelopmentPki Lefis Unizar Development

Future of Pki used by the UniversitiesFuture of Pki used by the Universities

1

2

3

LEFIS UNIZAR PKILEFIS UNIZAR PKI

3

• Recent rules based on Recent rules based on ee-signature exist-signature exist

• Not yet enough active PKIs Not yet enough active PKIs

• The Government institutions support several PKIs or The Government institutions support several PKIs or only oneonly one

• Neccesary to made real proofs attending to Neccesary to made real proofs attending to real/concrete present and future problemsreal/concrete present and future problems

• LEFIS has experience in real proofsLEFIS has experience in real proofs

• If members of a University can use and manage PKI If members of a University can use and manage PKI systemsystem

• If students can manage PKI systemIf students can manage PKI system

• If PKI can handle big lists of users (all students from a If PKI can handle big lists of users (all students from a University)University)

3

Points to AnalyzePoints to Analyze

ConclusionsConclusions

Secure Communications

Integrity of Contents

Personal Data Protection Easy to use

STRONG PUBLIC KEY STRONG PUBLIC KEY INFRAESTRUCTURE FOR INFRAESTRUCTURE FOR

UNIVERSITIES DEVELOPED UNIVERSITIES DEVELOPED BY LEFISBY LEFIS

Thank You for Your TimeThank You for Your Time

UNIUNIversity of versity of ZARZARagozaagoza

Andrés SaraviaAndrés Saravia

asaravia@unizar.esasaravia@unizar.es