Dr Hachem Dr Hazem by WOpK104


									The Egyptian E-Signature Law
 and Establishment of ITIDA
         Dr. Sherif Hashem & Dr. Sherif Hazem
  Information Technology Industry Development Agency
•   Egypt ICT Outlook
•   Egypt’s E-Signature Law
•   Why Root CA? and how it works?
•   ITIDA Responsibilities
        Egypt’s ICT Outlook – 2005
•   Fixed Line Subscribers              9.7 Mil.
•   Teledensity                         13.8 %
•   Mobile Subscribers                  8.9 Mil.
•   PCs                                 2.5 Mil.
•   Pay Phone Cabins                    55    K.
•   ICT Clubs                           1199 club
•   Internet Users                      4.3 Mil.
•   Internet Bandwidth                  2.4 Gbps
•   Internet dialup access cost         22    cents/hour
•   ADSL cost (256kbps)                 26    $/month
•   ICT Companies                       1,516
•   ICT Work Force                      34,455
•   Professional Development Trainees   21,922
•   Skills Development Trainees         108,000
      Egypt’s E-Signature Law
• In April 2004, Egypt passed the Law 15
  Regulating Electronic Signatures
  (The “E-Signature Law”)

• The E-Signature Law also established the
  E-Signature regulatory authority, officially known
  as the Information Technology Industry
  Development Agency (ITIDA)

• National E-Signature committee
   – (Legal and technology experts)
      • Government, private sector, and academia
       Egypt’s E-Signature Law:
      Towards a Paperless Society
• Scope: Commercial, Administrative, Civil
• The law follows international norms and trends
• Technology Neutrality
• Recognizes electronic/digital signatures and
• Establishes a regulatory body for CAs
• Sets measures for recognizing “foreign” CAs
• Addresses security and privacy protection issues
 Egypt’s E-Signature Executive Directives
                      (May 2005)

• ITIDA is Egypt’s Root CA.
• Technical & operational requirements for CAs to be
  licensed by ITIDA
• Technical requirements for qualified E-Signatures,
  including the use of PKI, digital certificates, and
  signature devices
• Guidelines for recognizing e-writing & e-documents
• Licensing and audit procedures
• Requirements for recognition of foreign digital
     Regulating E-Signature

                 Information Technology
              Industry Development Agency
                 (E-Signature regulator)

                Request for digital certificates

Certificate        Digital Certificates
                                                   Client Organizations
           The Egyptian Solution:
               Strict Hierarchy
• The idea behind a strict hierarchy is that all “trust” originate
  from a common Root CA.

• The root CA is the trust anchor for all relying parties within
  that domain.

• Higher level CAs issue certificates to subordinate CAs

• A subordinate CA will have one superior, and only one.

• Strict hierarchies are appropriate for many enterprises,
  especially where policy controls are to be enforced in a “top-
  down” fashion.
            Why ROOT CA?

• Offers an efficient solution for
  interoperability problems.
• Serves all end user as the last and most
  important security anchor, as it proofs or
  denies the validity of the certificates of
  commercial Trust Centers.
• Facilitates the mutual acceptance of E-
  Signatures between two countries
  considerably: a cross certification between
  the two Root CA is sufficient.
                          Ministry of Communication and Information Technology

                    Information Technology Industry Development Agency (ITIDA)


   Accredits                                                               Accredits

  ROOT          certify                National root
Country XY                        certification authority


             Certification service                          Certification service
                   providers                                     providers

                              Signature key holders
               How Root CA Works

                            Root CA
              Root CA                       Root CA's Private Key
Self Signed              Certificate Info
                         Root Signature

                         Subordinate CA
                                            Root CA's Private Key
              Sub CA     Certificate Info
                         Root Signature

                                            Subordinate CA's Private Key
                         Certificate Info
                        SubCA's Signature

                                            Subscriber's Private Key
           ITIDA Responsibilities
• Operates a Root-CA according to the highest security standards.

• Offers a continuous 24hx7d operation (based on the means of a 2nd
  hot-standby Trust Center),

• Personalizes the CA-and other service-chip cards for other Trust

• Operates an electronic directory service that includes the certificates
  of all accredited Trust Center.

• Stops operation of other Trust Centers (e.g. in case of suspicion of
  manipulation, not sufficient compulsory cover, security deficiencies),

• Executes cross-certification with CAs in other countries.
 Thank You

To top