TY - GEN
T1 - Formulation of Certificate Policy and Certification Practice Statement Framework for Subordinate Certification Authorities Indonesia
AU - Gandhi, Arfive
AU - Sucahyo, Yudho Giri
AU - Sirait, Tomi
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2017/3/23
Y1 - 2017/3/23
N2 - Certificate Policy (CP) and Certification Practice Statement (CPS) are mandatory documents for Subordinate Certification Authorities (Sub-CAs) to explain their process business in Indonesia National Public Key Infrastructure (INPKI). Due to Sub-CAs' low proficiency in preparing CP and CPS, Ministry of Communication and Information Technology (MCIT) need to formulate CP and CPS framework for them. The usage of Request For Comment (RFC) 3647 as standard of CP and CPS format should be complemented with statements to comply with legal aspect of information security in Indonesia. This compliance explained in the relevant of provisions in CP and CPS. The research will contribute the acceleration of Sub-CA's readiness in CP and CPS requirements, both in technical and legal aspect. Sub-CAs CP and CPS are important in gaining trust from government as regulator and citizen as subscriber. This research provides guidance for Sub-CAs to compose sufficient CP and CPS related to three aspects: Governance, technical, and human resources requirements. This research also promote future analysis about Level of Assurance, DN structure modification, and physical infrastructure standardization as recommendation for MCIT and Sub-CAs.
AB - Certificate Policy (CP) and Certification Practice Statement (CPS) are mandatory documents for Subordinate Certification Authorities (Sub-CAs) to explain their process business in Indonesia National Public Key Infrastructure (INPKI). Due to Sub-CAs' low proficiency in preparing CP and CPS, Ministry of Communication and Information Technology (MCIT) need to formulate CP and CPS framework for them. The usage of Request For Comment (RFC) 3647 as standard of CP and CPS format should be complemented with statements to comply with legal aspect of information security in Indonesia. This compliance explained in the relevant of provisions in CP and CPS. The research will contribute the acceleration of Sub-CA's readiness in CP and CPS requirements, both in technical and legal aspect. Sub-CAs CP and CPS are important in gaining trust from government as regulator and citizen as subscriber. This research provides guidance for Sub-CAs to compose sufficient CP and CPS related to three aspects: Governance, technical, and human resources requirements. This research also promote future analysis about Level of Assurance, DN structure modification, and physical infrastructure standardization as recommendation for MCIT and Sub-CAs.
KW - CP
KW - CPS
KW - Certificate policy
KW - Certification authority
KW - Certification practice statement
KW - Information security
KW - Sub-Certification authority
UR - http://www.scopus.com/inward/record.url?scp=85018320014&partnerID=8YFLogxK
U2 - 10.1109/ICISSEC.2016.7885854
DO - 10.1109/ICISSEC.2016.7885854
M3 - Conference contribution
AN - SCOPUS:85018320014
T3 - ICISS 2016 - 2016 International Conference on Information Science and Security
BT - ICISS 2016 - 2016 International Conference on Information Science and Security
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 3rd International Conference on Information Science and Security, ICISS 2016
Y2 - 19 December 2016 through 22 December 2016
ER -