 GPKI
Introduction |
 |
Government Public Key Infrastructure,
GPKI is based on the Electronic Government Promotion Act (from Annual
year 2001 to 2004). Its purpose is to strengthen electronic government
infrastructure, establish electronic certification and security system
for executive administration. It is the Hierarchy PKI based on ITU-T X.509
standard, which includes the trust anchor for this PKI, Government Root
Certification Authority (GRCA), and subordinate CAs for individual government
sectors. Other CAs within the GPKI is established by individual government
sectors. They issue the certificates used in applications for electronic
government in order to provide more convenient Internet service for civilian,
improve governmental administration efficiency and promote applications
development of electronic commerce. |
| |
| The
Development of GPKI |
|
In the development
of government electronic certification system, the
goal of the first phase is to establish a common CA
for each governmental sector to test. This single CA
performs the functions of Root CA's and other related
CAs'. The goal of the second phase is to construct
a Root CA, according to the application status and
technology maturity. Also each government sector can
establish necessary CA based on the GPKI Hierarchy.
On August 18, and November 13, year 2000, the Research
and Developing Council of the Executive Yuan has gathered
officials from other government sectors, experts and
researchers to hold a meeting of electronic government
certification services. In order to reach the integrity
and variability of certification applications, we have
decided to divide the e-government electronic certification
structure into the following components. |
 |
PKI:
provide the public certificate services |
|
Privilege
Management Infrastructure (PMI): provide the
attribute certificate services |
|
| |
| The
Assignation of Each Certificate Authority Service |
|
| According
to the Promotion Act of Electronic Government (Annual
year 2001 to 2004), the following is the responsibility
for each CA. |
|
Research
and Development Council: establish the GRCA, Government
Certification Authority (GCA) and TestCA. |
|
Department
of Economics: establish the CA of Ministry of Economic
Affairs (MOEACA). |
|
Department
of Interior: establish the CA for civilian. |
|
CA
for organizations governed by government sector
will be the GCA. |
|
| |
| The
Ways to The Establishment |
|
|
Establish
the GRCA and GCA. |
|
When
GRCA and GCA are established, shifting the government
agency/unit Certificates from the original GCA
to new GCA. |
|
The
electronic commercial certificates issued by GCA
will be issued by MOECA. |
|
Appropriate
CAs now will issue other certificates issued by
the GCA. This will complete a systematic PKI structure. |
|
| |
