[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [egov] Missing Securty: Update Working Draft for Workflow Standards
Regarding http://w1.181.telia.com/~u18116613/A.R.AppliedPKI-Lesson-1.pdf I got an interesting off-list comment from an actual implementor of secure purchasing systems. Here is some 10% of the comment: "From my understanding of how business processes generally work, it would be quite counterproductive for P to encrypt a purchasing message to a particular OR. OR is almost certain to be a role, and any individual associated with that role should be able to engage in a workflow that handles the PO" "...there are at least 10 different human roles involved in the workflow that leads from PO request to PO. Thus I suggest that your model not focus on an individual purchaser P, but rather on the buying organization's purchasing system server PSS." "That is, P may interact with her order system via a web browser, and in that case her connection will probably be TLS-protected, server-authenticated by server certificate, and client authenticated by cert, password, token or some combination." "Along those lines, I think one should distinguish the security requirements within organizations from those between organizations." All these statements and particularly the last one, is indeed indicating that a singular PKI having "employee" as the only entity and clients as the primary infuser of encryption, is not a suitable foundation for secure multi-party workflow as the actors actually involved consist of employees, servers, roles, organizations etc. In case interoperability is to be achieved on a wider scale, it is not enough to agree on technical frameworks, but also on how these actors are supposed to be expressed identity-wise. If every organization or community do their "thang", I believe the rest will not work particularly satisfactory. I maintain that this is currently outside of existing standards. And the reason is obvious: this is delicate matter. However, no matter how delicate or political this subject may be, I think it is at least a good idea to at east try to specify the options. This is what I'm trying to do although the "format" may be somewhat inappropriate. Anders Rundgren
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]