oewg 09-06-2011
DESCRIPTION
OEWG 09-06-2011. Review existing Methods already in place for exchange of data - General Introduction Lex Moret, EL&I the Netherlands. Client Program (Certification of Agricultural Goods at Im and Export to a new future). Import (2002-2004) Export (2004 -2010) - PowerPoint PPT PresentationTRANSCRIPT
OEWG 09-06-2011
• Review existing Methods already in place for exchange of data
- General Introduction Lex Moret, EL&I the Netherlands
Client Program (Certification of Agricultural Goods at Im and Export to a new future)
• Import (2002-2004)• Export (2004 -2010)• E-certification (2010-2011)
2
E-Certification
• Export Certification Kenya• UNCTAD• Pilot Republic of Korea• Pilot China• (Pilot USA)
3
Paradigms
• Use (defacto) standards • Use solutions created by other
countries (New Zealand)• Create new solutions• Versatile systems (support for
multipe Standards) • Reduce administrative burdens for
the private sector
4
XML
XML
Digital Signature
Equivalent of a stamped signature
1.Binding to a person (or organisation)2.Difficult to copy
Electronic Signature (Digital Evidence)
• Authentication• Integrity• Non-repudiation
In any step of the lifecycle
7
Diagram showing how a simple digital signature is applied and then verified
9
Standard ECONOMIC COMMISSION FOR EUROPE
COMMITTEE ON TRADECentre for Trade Facilitation and Electronic Business
TBG “Security Project” hosted by TBG6Recommendation No. 37
Digital EvidenceCertification
RecommendationSOURCE: The Chair
ACTION: Review before further iteration of Open Development Process Step 5 – Public Review
STATUS: Proposed Publication Draft
11
Decisions
Signature type•XML Dsig (W3c) (NL signing server)•XAdES/BES XAdES-T•XAdES-C•Etc. •DEC-R (recommended by TBG 5)
12
Decisions
Hashing Algorithm•SHA-1•SHA-256 (NL signing server)•Etc. Signature/document relationship•Enveloping (NL signing server)•Enveloped
13
XML
Digital Signature
Functions
•Acces Control + audit trail
•Search
•Download
•Update (status)
•Monitor
DBMSDBMS
Certificate MasteringSystem (CMS)
Functions
• Technology : Webservices (SOAP)
• Acces Control : UN/PW• Implemenation : WSDL (tbd)
17
Webservices (example CMS NL)based on NZ and Korea
18
19
BUSINESS REQUIREMENTS SPECIFICATION(BRS) Business Domain: Government to Government electronic certification for traded agricultural commodities Business Process: Electronic transmission of data exchanged between government inspection and quarantine authorities involved in border
Document Identification: Export Certificate Title: E-cert BRS UN/CEFACT International Trade and Business Processes Group: TBG15
Ⅱ. Business ProcessStatus Transition
Initial
Approved
Acknowledged
Accepted
Rejected
Detained
Request Replacement
Withdrawn
Border Inspection – Permitted States
for Transition
ReplacementAuthorised
ToBe Replaced
Replaced
Revoked
By SOAP Client of Import Agency
By Border Inspector
Network(InternetNetwork(Internet
Secure Acces by foreign NPPO (HTTPS with 128 bit SSL)
XML
Digital Signature
Functions
Export Certiffication
System
Export Certiffication
System
CertificateMastering
System
CertificateMastering
System
InspectionPanning System
InspectionPanning System
Signing & Verification
System
Signing & Verification
System
System Architecture NL(SOA)
23
Network
Plant QuarantineInformation
System(PQIS)
Internet
Request Request
ExportingCountry
SOAPServer
SOAPClient
Request
ImportingCountry
Korea import from ..
Certificate Mastering
System(CMS)DB
Response(XML) eCertCertificates Information
Response(update result)
Result
- Register the result
SOAPServer
SOAPClient
Request(Result Status update)
Certificate data
Import Inspector
accept_certificatereject_certificatedetain_certificate
request_replacement_certificate
acknowledge_certificateaccept_certificatereject_certificatedetain_certificate
request_replacement_certificateSigning server
Signing serverSigning server
Verfication server
Verfication server
And not to forget …..
• Emergency Procedures• Disaster Recovery
procedures
24
Interesting URL’s
Creating Signing services : http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=dssTesting signing services :http://www.globaltrustfinder.com/XMLUsUN Recommendation on E-signatures:http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce/2001Model_signatures.htmlUN/CEFACTRecommendation No. 37: Signed Ditial Evidence Interoperability Recommendation, submitted for approval by the Architecture, Engineering and Construction Working Group – TBG6, 27 september 2010
25