Beruflich Dokumente
Kultur Dokumente
Kenya
Victor Kyalo
Kenya ICT Board
Agenda
§ Background
§ Global Cyber Incidents
§ Mitigating Cyber Threats
§ Conclusions
§ National PKI Establishment
Background
Background
Global Cyber Incidents
Global Cyber Incidents
Mitigating Cyber Threats
(Efforts)
Mitigating Cyber Threats
Mitigating Cyber Threats: Kenya
KE-CIRT
KE-CIRT
Conclusions
National PKI Establishment (NPKI)
(Work in progress)
Contents
4. Questions
Contents
4. Questions
PKI (Public Key
Infrastructure)?
Personnel, policy, procedures, components and facilities to bind user names to
electronic keys so that applications can provide the desired security services.
Server-side software
Server
Cert
certificate
Signature
Digital
Directory
Server
Certificate Client-side software
Authority
Client
Cert
Registration
Authority PKI Client
(PC/Phone/PDA)
Need for Digital Signature
Industrial Society Informational Society
Problems Solutions
Risk of deceiving Authentication Digital Signature
identity of sender
Signature or
Signature-seal Digital Signature
4. Questions
Domain Information (April 2011)
Hacked/Defaced Websites 2007-2011 (.go.ke)
Hacked/Defaced Websites (.ac.ke)
Hacked/Defaced Websites (.co.ke)
Certificate Without Accreditation
Weak Authentication
Confidential Client Data
Accredited Digital Certificate (Trusted and Valid)
Accredited Digital Certificate + Human Verification
Encrypted Database (Anti-WikiLeaks)
Contents
4. Questions
Setup of Infrastructure for Internet Security
PKI Model
stablihm
Ew
enL gu),P
(croS K
Id Certification
Accredited Service
Root CA
CA
B
uildngPK
IC
etr
Accredited
Certificate
E-procurement,
Internet
enabldA
pictos Banking,
D K
evlopingP
I E-commerce, etc
Application Service organizations or companies
Taxation
-National Tax Agency Digital Signature & Seal
-Access with certificates -Distribute certificates
-Develop and enhance system
e-Government adopting certificates
Applications
National Financing E-Supply (G2B)
Information System - Online bidding with certificate
- Based on Internet
banking, etc Public Key Infrastructure
(PKI Center)
Enhance computerization
- Sharing national resource
information
Electric document system
-Interoperable with other systems
4 Major Insurances data exchange
Education Administration System - Labor, Medical care, Pension, Industrial
-Teachers can assess with cert. disaster
- Internet access with certificate
Effectiveness of
Expectations
PKI is making up the safe and trustful environment using electronic signature.
Background
vkyalo@ict.go.ke