Secure communication through public key encryption and digital certificates against third-party monitoring: TeleTrusT security Federation recommends German institutions use existing protection technology ‘made in Germany’ Berlin, 02.07.2013 from the recent revelations to the monitoring of communications by foreign services becomes apparent that including German individuals and companies by data acquisition and evaluation are affected. These include both emails and data that are exchanged through cloud services. Top priority must be admitted to the protection of this data. This can happen with public key encryption and digital certificates from the CA (certification authority) a company PKI (public key infrastructure) were issued. The 2001 established European Bridge CA (ECWM) is a trust network of PKIs. Members include among others the German Bank, the Deutsche Bundesbank, E.ON, Siemens, Siemens Enterprise Communications, the PKI-1 of the Federal Administration (represented by the BSI) and the RTR Austria. The ECWM enables a secure and trusted cross-organizational communication. It thereby builds on three pillars: organizational confidence by a common policy, technical confidence through a trust list (certificate trust list CTL) and the Central availability from the outside through a directory service.
The CTL contains CA certificates of participants and can be easily imported by anyone or automatically distributed. The ECWM CTL is not a product of US based software vendor in the CTLs, one reaches CA only with high financial investments, but the result of trust agreements in accordance with the ECWM directive. The directory service provides secure access to the certificates of the ECWM participants. This service is operated with the “certBox” a German manufacturer in a German data center. Thus, every Internet user can send ad-hoc encrypted E-Mails to the ECWM participants. When a continuous end-to end encryption from device to device Repelled eavesdropping from the internal network.
With this easy-to-use mechanisms, the ECWM creates a security level of communication, if the eavesdropping itself by a powerful attacker is highly unlikely. TeleTrusT calls on the German economy, to invest more than so far in such national IT security structures. For more information,. TeleTrusT security Federation The German IT Security Association (TeleTrusT) is a network of excellence, which includes domestic and foreign members from science, industry and administration, as well as thematically related partner organisations. TeleTrusT offers forums for experts, organized events or event participation and comments on current questions of security. TeleTrusT is the “TeleTrusT European Bridge CA” (ECWM; PKI-Vertrauensverbund), the expert certificate “TeleTrusT information security professional” (T.I.S.P.) as well as the quality mark “IT security made in Germany”. Headquarters of the Association is Berlin. TeleTrusT is a member of the European Telecommunications Standards Institute (ETSI).