Tech Days – On-Demand

Telecom Italia Trust Technologies, Italian eIDAS QTSP for digital signature, has set up a PKI for the 4G and 5G networks of TIM, the primary mobile telecom operator in Italy.

The project had the challenging requirement of delivering a solution able to issue certificates to devices from different vendors using the CMPv2 protocol as defined by the 3GPP framework.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The Dutch Ministry of Justice has an expertise center for chip technology and PKI for ePassports. In addition to testing border control readers, the center offers for example ePassport training about chip technology and PKI for government and border control personnel.

The PKI expertise center also offers an internal PKI as a Service (PKIaaS) that includes several production environments, barcode signing and log signing, and management of HSMs. In this session Cor de Jonge, Team Lead and Business Owner PKI, and Jeen de Swart, Senior Information Architect at Judicial Information Service, Ministry of Justice and Security will give you a glimpse of all these use cases. The expertise center uses Keyfactor (PrimeKey) software connected to own programmed applications.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Development teams often use Continuous Integration (CI) tools (e.g., Jenkins, Bamboo, Team City, CircleCI, Concourse, etc.) and Continuous Deployment (CD) tools (e.g., Harness, etc.) in their SDLC cycles. Karthik Lalithraj, Keyfactor's Director of Solutions Engineering, East, will address some of the more complex questions facing enterprises today. Attendees will come away with answers to questions such as:

How can teams integrate Continuous Security (CS) within the CI/CD process using digital signing?

How can teams secure the private key while simultaneously providing code-signing access to various groups? How does this process work across globally disparate teams and individuals?

How can you stop lousy development practices?

Can we audit this?

And finally, how do teams consume and validate these artifacts?

This talk will cover how these challenges are quickly addressed in the enterprise.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The European digital identity wallet will be available to EU citizens, residents, and businesses that want to identify themselves or provide confirmation of certain personal information. It can be used for both online and offline public and private services across the EU. The wallets will be based on trusted digital identities provided by Member States, improving their effectiveness, extending their benefits to the private sector, and offering personal digital wallets that are safe, free, convenient to use, and protect personal data.

For this initiative, the Commission builds on the existing cross-border legal framework for trusted digital identities, the European electronic identification and trust services initiative (eIDAS Regulation).

The session will cover the latest concepts for implementation, the relevant standard initiatives (ISO, CEN, and ETSI), and the pros and cons of this ambitious project in the context of the Digital Service Act and the Digital Market Act.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The Bundesnotarkammer (Federal Chamber of Notaries) was mandated to build and host a secure platform to preserve all notarial deeds created in Germany. The system requires all documents to be end-to-end-encrypted with keys that are only available to 7,300 notaries. To make this possible, the archive relies on secure identities and devices to create, store, and share keys in the notaries’ offices.

This session will cover:

Security aspects of the project that ensure the confidentiality and availability of the documents over a period of 100 years.

How document encryption and the concept of key domains for the secure key sharing between smart cards works.

An overview of decentralized key management and what it means to do all this without having a central master key.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The last twelve months has seen the conclusion of the first stage of NIST's PQC competition and the final round for NIST's Lightweight Cryptography competition. Organizations like BSI and ETSI have also produced reports in the area. In this session, David Hook, VP Crypto Workshop, Keyfactor, will look at some of the details of the algorithms chosen, the motivations for selection, and how these new algorithms are positioned to be useful for servers and the smaller devices making up the Internet of Things.

Earn 0.50 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

In this session, Tomas Gustavsson, Chief PKI Officer, Keyfactor, will share his take on trending PKI topics from the last year, including the challenges associated with successful PKI deployment and implementation. He'll dive deeper into the technical details of these challenges and offer strategies to help teams overcome them. Think topics such as HSMs and cloud, IoT standards and Covid-19 certificates, and much more.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

OPC UA is a communication standard from the OPC Foundation for industrial automation and the IIoT. It is designed to allow different devices and systems from different manufacturers to communicate with each other in a secure and reliable way.

In this session, Matthias Damm, CEO of Unified Automation, will introduce OPC UA and explain how to automate certificate management for OPC UA applications. Matthias will show how these mechanisms are implemented in Unified Automation products and how they are integrated with a Keyfactor PKI.

Attendees will learn how secure device provisioning has been integrated into the latest revision of OPC UA.

Finally, Florian Handke, Smart Production Engineer, Campus Schwarzwald, and Andreas Philipp, Senior Business Development Manager, IoT, Keyfactor, will present an upcoming free service that will ensure that certifications are no longer a show-stopper in the industry.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

No one knows exactly when a large-scale quantum computer will be invented. When it does happen, all public key cryptography in use today will be at risk, allowing recorded encrypted traffic to be recovered. As a result, post-quantum cryptography (PQC) is being developed and standardized. Next, many internet security protocols will be enhanced to use PQC algorithms. Once the protocols have been developed it will take many years to transition.

Earn 0.50 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

IEC 62443 requires the use of secure identities for devices and the protection of integrity and authenticity of software and firmware. In this session, Dr. Lutz Jänicke, Corporate Product & Solution Security Officer of Phoenix Contact, will discuss these requirements and the security requirements for IEEE 802.1AR device identity certificates. He’ll cover how future use cases like zero-touch provisioning can be supported.

Jänicke will dive into how digital signatures for software and firmware can be realized with an attached signature infrastructure in different formats needed from plain (raw) signatures up to Advanced digital Electronic Signatures (AdES).

Attendees will learn about requirements from the IEC 62443 security standard, a solution for supporting infrastructure, and discussion about the implementation at the supplier of automation components Phoenix Contact.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

As the CA/Browser Forum Chair and participant in several PKI industry forums like ACAB-c, ETSI ESI, and the PKI Consortium, Dimitris Zacharopoulos will provide an update on topics including:

Publicly trusted Server TLS, code signing, and S/MIME certificates

ETSI ESI standards for Trust Service Providers

ACAB'c activities

PKI Consortium activities

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Siemens Product PKI Certificate Management and Digital Signature services - these services are used as a one-stop internal service to provide Siemens business units a highly trustworthy solution to handle all of their digital certificates and signature needs.

In this presentation Antonio will cover:

High-level use case introduction: SW signing (via, for example, CMS signatures) and which protection goals it helps achieve, specifically in the Siemens ecosystem

How SW signing is done today with traditional cryptography and SignServer + EJBCA within the Siemens ecosystem

How SW signing can be securely done in the future employing PQC, e.g., "NIST 3rd" round digital signature algorithms or stateful HBS schemes (c.f. Commercial National Security Algorithm Suite 2.0)

Presenting results of PoC with PQC signature algorithms such as Dilithium, including remaining open topics to have an end-to-end PQC SW signing in place.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

The landscape of European Union cybersecurity-related legislation is constantly changing. Various acts are already enforced or still under discussion – covering more and more areas, and complementing each other. These acts mention standards as the base for demonstrating compliance with specific requirements. In this presentation, Sławomir Górniak, Senior Cybersecurity Expert with the European Union Agency for Cybersecurity (ENISA), will provide insight into the current situation with the European legislation and standardization, as well as look ahead to areas of interest.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

Many global corporations manufacturing IoT devices today outsource this critical business function. It's not surprising that security concerns are rising regarding data and secret key provisioning at the manufacturing stage.

Therefore, OEM, EMS, and electronic device manufacturers deploying PKI and providing secret keys face serious security challenges.

Laurent Masson, CTO of Trusted Objects, will review the vulnerabilities and risks that companies encounter as part of the standard IoT device manufacturing process.

Through a zero-trust lens, Laurent will explain how to secure each step of this process with state-of-the-art solutions. He'll also discuss how to deliver PKI in manufacturing in a secure way, even in an untrusted environment.

Laurent will also share his experience securely provisioning a generic MCU. This use case will demonstrate how an initial certificate can be securely delivered and injected by the OEM during manufacturing to comply with the Matter Connectivity standard.

Earn 0.25 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

In this session, you'll learn how Rakuten approaches PKI design, implementation, and automation for both their 5G infrastructure and Enterprise IT applications. We'll cover best practices for PKI architecture and deployment using EJBCA and containers, migration from RSA to ECDSA, and meeting changing regulatory requirements. We'll also touch on the reasons for leveraging protocol-based (CMPv2) versus non-standards based automation (Keyfactor Command).

From the Internet to the Internet of Things (IoT), PKI has been and continues to be the bedrock of trust in our digital world. Just when we think PKI has reached its limit, another innovative use case emerges – from e-commerce to the cloud, e-passports to planes, trains, and automobiles – PKI is everywhere.

Take a step back in time with Ted Shorter, CTO at Keyfactor, as he shares 20 years in the PKI industry with PrimeKey and Keyfactor, and shares what the lessons of the PKI past can teach us about the future as we approach yet another crossroads: Post Quantum Cryptography.

Earn 0.50 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.

From securing the Internet to protecting devices and workloads in the enterprise to embedding identities in next-generation Internet of Things (IoT) devices, PKI is critical infrastructure – the foundation of digital trust in our modern world.

In this panel discussion, we sit down with IT and security leaders from world-leading companies in technology, finance, and manufacturing to explore the incredible ways they use PKI to power and protect their businesses. We’ll discuss the role of PKI in modern organizations, how it’s evolved and adapted to changes in the IT landscape, and the different approaches to implementation and design.

Speakers:
Tomas Gustavsson, Chief PKI Officer at Keyfactor
Admir Abdurahmanovic, SVP Strategy at Keyfactor
Dr. Lutz Jänicke, Corporate Product & Solution Security Officer at Phoenix Contact
Ibrahim Akkulak, Senior Security Consultant at Rakuten Symphony Deutschland GmbH

Earn 0.75 CPE credits on this session. Keyfactor is an approved (ISC)² CPE Submitter, partner.