security concepts for consideration (11 am on d3)

9
Security concepts for consideration (11 AM on d3) Peter Johnston Plant Exports

Upload: evers

Post on 09-Feb-2016

45 views

Category:

Documents


0 download

DESCRIPTION

Security concepts for consideration (11 AM on d3). Peter Johnston Plant Exports. Internet security!. The internet is a public network. There are security issues when the internet is used for connecting remote computers together. Security management needs to address: Controlling access - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Security concepts for consideration  (11 AM on d3)

Security concepts for consideration (11 AM on d3)

Peter Johnston Plant Exports

Page 2: Security concepts for consideration  (11 AM on d3)

Internet security!

•The internet is a public network.•There are security issues when the internet is used for connecting remote computers together.•Security management needs to address:o Controlling accesso Stopping malicious attackso Maintaining the integrity of the information being

transmitted

Solutions?

Page 3: Security concepts for consideration  (11 AM on d3)

Innovation?

Page 4: Security concepts for consideration  (11 AM on d3)

Vision: International Assurance Network

Issuing NPPO

notifies issued

certificates

Receiving NPPO

pulls certificates

Advantages: No polling (push-me, pull-you)

Source/authenticity of certificate data is guaranteed

No need for tight system-to-system integration

Peer-to-peer internet-based architecture, no need for central hub

Pull Certificates

Notify

AcknowledgeEvents/Exceptions

Events/Exceptions

Page 5: Security concepts for consideration  (11 AM on d3)

Solution Option“International Assurance Network”

• There must be a common understanding of the certification data elements (official assurance) to be exchanged (e.g. ISPM12)

• Focus on XML certification data rather than digitised certificates.

• Forcus on transporting XML certification date rather than end-to-end system functionality.

• Authentication of source and security of assurance data are paramount.

Page 6: Security concepts for consideration  (11 AM on d3)

Solution Option (cont’d)“International Assurance Network”

• Globally standardised transaction types• Simple message types (RESTful i.e. HTTP put, post, get,

delete actions)• Loose coupling rather that tight coupling• Open standards-based technology components• Peer-to-peer internet-based architecture rather than

cusomised point-to-point or central hub

Page 7: Security concepts for consideration  (11 AM on d3)

Point-to-point vs. Peer-to-peer

Internet Cloud

Customised Point-to-point Network Peer-to-peer Network

Customised messaging protocol built between each

NPPO server.

Globally standardised

messaging protocol between all NPPO

servers.

Page 8: Security concepts for consideration  (11 AM on d3)

Vision: International Assurance Network

Global Community of Exporting and Importing NPPOs

Page 9: Security concepts for consideration  (11 AM on d3)

Thank-you

Peter Johnston+64 4 894 [email protected] & Export Standards MAFPO Box 2526 Wellington New Zealand