CWA 14167-1
In compliance with CWA 14167-1, Section 5.1.2 SO1.1, the Digi-CA™ and Digi-CA™ Xg Trust Centre documentation provides documented instructions for the installation, administration and usage of the Digi-CA™ systems.
In compliance with CWA 14167-1, Section 5.1.2 SO2, Digi-CA™ can be configured to ensure business continuity so that services are quickly and securely restored in case of failure of the Digi-CA™ system.
In compliance with CWA 14167-1, Section 5.1.2 SO2.1, the Digi-CA™ provides for availability of the system services operation at 99.9% availability on a monthly basis and also ensures the following:
In compliance with CWA 14167-1, Section 5.1.2 SO2.2 and SO2.3, the Digi-CA™ enables the continued operation of the Digi-CA™ because the entire system is replicated to a second set of Digi-CA™ servers and if required the entire Digi-CA™ can be migrated to a totally new Digi-CA™ environment at an acceptable level of risk because the information stored in the previously live system was publicly available information only.
In compliance with CWA 14167-1, Section 5.1.2 SO3, the Digi-CAST2™ Team will document the accuracy of the Time Stamping Device once it is installed and tested and two sources of atomic clock are used to perform this task.
In compliance with CWA 14167-1, Section 5.1.3.1, the Digi-CA™, using two factor authentication where applicable and defined administration roles, only authorized persons have any access to the system.
In compliance with CWA 14167-1, Section 5.1.3.2 IA1.1-3 & IA2, the Digi-CA™ requires each user to be identified and to be successfully authenticated before they are allowed any action on behalf of that user or role assumed by the user. There must be re-authentication after log-out and the authentication data, where used, is unique and cannot be reused.
In compliance with CWA 14167-1, Section 5.1.3.2 IA2.1-2, if the number of unsuccessful authentication attempts equals or surpasses the maximum number of allowed attempts, the Digi-CA™ system prevents further authentication attempts and if the number of unsuccessful authentication attempts equals or surpasses the maximum number of allowed attempts, and the role is that of an administrator, then a notification event is logged by the system and the access is denied until two alternative authorized personnel conduct and audit of the event and reinstate the Administrator who’s access has been denied.
In compliance with CWA 14167-1, Section 5.1.3.2 IA3.1, the probability of guessing any secret defined for any component of the Digi-CA™ is negligible.
In compliance with CWA 14167-1, Section 5.1.4.1, the system access control functions control the use of objects of the Digi-CA™ to authorized persons only. This applies to all sensitive objects of the Digi-CA™. System access control is provided by the underlying operating software and access rights to specific Digi-CA™ objects are determined by the owner of the object based on the identity of the subject attempting the access and the access rights to the object granted to the subject or the privileges held by the subject.
In compliance with CWA 14167-1, Section 5.1.4.2 SA1, the Digi-CA™ provides the capability of controlling and limiting access by identified individuals to the system/user objects they own or are responsible for and ensures they provide access protection to sensitive residual information by using secure, cryptographic based authentication methods along with defined administration roles.
In compliance with CWA 14167-1, Section 5.1.5.1, Digi-CA™ uses cryptographic keys to provide integrity, confidentiality and authentication functions within its own subsystems and in between subsystems and throughout the key life cycle management of private and/or secret keys is carried out securely.
The Digi-CA™ keys are separated into the following categories:
-
1. ALL Signing Keys - Digi-CA’s™ key pair for producing Qualified Digi-IDs™ or Non-Qualified Digi-IDs™ and keys for signing certificate status information.
2. Infrastructure Keys – these are keys used by the Digi-CA™ for processes such as key agreement, subsystem authentication, audit log signing, encrypting transmitted or stored data, etc. Short term session keys are not categorized as Infrastructure keys
3. Digi-CA™ Control Keys – these are keys used by personnel managing or using the Digi-CA™ and may provide authentication, signing or confidentiality services for those personnel interacting with the system.
In terms of security requirements, ALL Signing Keys are long-term keys whose impact from exposure is high. Consequently, countermeasures for managing this risk are also high, both in number and in effect. Infrastructure keys are also considered high risk but due to their distributed functionality and shorter lifespan they are a lower risk in comparison to signing keys. The lowest risk keys, used by the Digi-CA™, are considered to be those used by personnel for controlling the Digi-CA™, as these are used by trusted individuals and have an even shorter lifespan. Session keys, used for single/short transactions are treated as sensitive information but with lower security requirements to the above stated categories.
Infrastructure and Control keys may be either asymmetric or symmetric keys.
-
Key Generation
Key Generation refers to the creation of keys.
Key Distribution
All Key Distribution is the function of distributing the Digi-CA’s™ Public Key, Infrastructure or Control keys.
Key Usage
This is the controlling of usage of generated keys within cryptographic algorithms to provide cryptographic services.
Key Change
Key change may be:
Key Destruction
When a key is compromised or when it reaches the end of its operational life it may be destroyed to prevent any further use of the key.
Key Storage, Backup & Recovery
After Key Generation, the keys may be stored in secure environments and may be copied and backed up to meet operational requirements. These backed up keys may need to be recovered when for example the existing key is inadvertently destroyed.