1 / 26

OEWG 09-06-2011

OEWG 09-06-2011. Review existing Methods already in place for exchange of data - General Introduction Lex Moret, EL&I the Netherlands. Client Program (Certification of Agricultural Goods at Im and Export to a new future). Import (2002-2004) Export (2004 -2010)

sarahhamilton
Download Presentation

OEWG 09-06-2011

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. OEWG 09-06-2011 • Review existing Methods already in place for exchange of data - General Introduction Lex Moret, EL&I the Netherlands

  2. Client Program (Certification of Agricultural Goods at Im and Export to a new future) Import (2002-2004) Export (2004 -2010) E-certification (2010-2011)

  3. E-Certification Export Certification Kenya UNCTAD Pilot Republic of Korea Pilot China (Pilot USA)

  4. Paradigms Use (defacto) standards Use solutions created by other countries (New Zealand) Create new solutions Versatile systems (support for multipe Standards) Reduce administrative burdens for the private sector

  5. XML

  6. Digital Signature Equivalent of a stamped signature Binding to a person (or organisation) Difficult to copy XML

  7. Electronic Signature (Digital Evidence) Authentication Integrity Non-repudiation In any step of the lifecycle

  8. Diagram showing how a simple digital signature is applied and then verified

  9. Standard ECONOMIC COMMISSION FOR EUROPE COMMITTEE ON TRADE Centre for Trade Facilitation and Electronic Business TBG “Security Project” hosted by TBG6 Recommendation No. 37 Digital Evidence Certification Recommendation SOURCE: The Chair ACTION: Review before further iteration of Open Development Process Step 5 – Public Review STATUS: Proposed Publication Draft

  10. Decisions Signature type XML Dsig (W3c) (NL signing server) XAdES/BES XAdES-T XAdES-C Etc. DEC-R (recommended by TBG 5)

  11. Decisions Hashing Algorithm SHA-1 SHA-256 (NL signing server) Etc. Signature/document relationship Enveloping (NL signing server) Enveloped

  12. Certificate Mastering System (CMS) Functions Digital Signature • Acces Control + audit trail • Search • Download • Update (status) • Monitor XML DBMS

  13. Functions Technology : Webservices (SOAP) Acces Control : UN/PW Implemenation : WSDL (tbd)

  14. Webservices (example CMS NL)based on NZ and Korea

  15. BUSINESS REQUIREMENTS SPECIFICATION (BRS) Business Domain: Government to Government electronic certification for traded agricultural commodities Business Process: Electronic transmission of data exchanged between government inspection and quarantine authorities involved in border Document Identification: Export Certificate Title: E-cert BRS UN/CEFACT International Trade and Business Processes Group: TBG15

  16. Ⅱ. Business Process Status Transition Border Inspection – Permitted States for Transition Initial By SOAP Client of Import Agency Acknowledged Approved By Border Inspector Accepted Replaced Rejected ToBe Replaced Detained Withdrawn Request Replacement Replacement Authorised Revoked

  17. Network (Internet Functions Digital Signature XML Secure Acces by foreign NPPO (HTTPS with 128 bit SSL)

  18. Inspection Panning System System Architecture NL (SOA) Export Certiffication System Certificate Mastering System Signing & Verification System

  19. Korea import from .. Internet Verfication server KOREA eCert system Certificate data Importing Country Plant Quarantine Information System (PQIS) Request Request Request SOAP Server SOAP Client Certificates Information Network eCert Response(XML) Certificate Mastering System(CMS) DB Exporting Country Request (Result Status update) SOAP Server SOAP Client Result Response(update result) accept_certificate reject_certificate detain_certificate request_replacement_certificate Signing server acknowledge_certificate accept_certificate reject_certificate detain_certificate request_replacement_certificateSigning server Import Inspector - Register the result

  20. And not to forget ….. Emergency Procedures Disaster Recovery procedures

  21. Interesting URL’s Creating Signing services : http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=dss Testing signing services : http://www.globaltrustfinder.com/XMLUs UN Recommendation on E-signatures: http://www.uncitral.org/uncitral/en/uncitral_texts/electronic_commerce/2001Model_signatures.html UN/CEFACT Recommendation No. 37: Signed Ditial Evidence Interoperability Recommendation, submitted for approval by the Architecture, Engineering and Construction Working Group – TBG6, 27 september 2010

  22. Questions ? A.J.Moret Projectmanager Client International – NL +31653297989 A.J.Moret@MINLNV.nl

More Related