Participant Technical Reference Manual - IESO

More documents

Recommendations

Info

2. Participant Workstation, Network & Security IMO_MAN_0024 110 Since it is possible for users to share workstations, it is recommended by the IESO that separate browser profiles be created for each user where the workstation is shared and that the certificate database within each profile be protected by a password. The browser has the capability of password protecting the certificate database it uses for each user profile. It is up to the market participant to determine and use a password for each user profile certificate database, which is completely independent of the EPF and P12 files password. 111 For the Application Subscriber, two types of certificates will be generated in one file format. A verification (associated with the private signing key) certificate and an encryption certificate (associated with the private decryption key). Each type of certificate has a private and public key associated with it. Applications using the MIM API Application will use these types of certificates and keys. The verification and encryption certificates are encapsulated within an Entrust Profile File (EPF file extension). 112 The “Certificate Subscriber Agreement”, signed by an Authorized Signatory at the market participant, governs the certificate modes of use, accountability and responsibility. 113 The private signing keys within the EPF and P12 files are never backed up by the CA. This ensures that only the owner has access to them. Only the individual or application subscriber should have access to the private keys assigned to them. Messages and data signed will be verified as authentic with a corresponding verification public key registered to the Certificate Subscriber. 114 In order to comply with the ”Certificate Subscriber Agreement”, the IESO recommends the market participant store all private keys (in the EPF and P12 files) on secure media. The IESO strongly suggests, if and when available, the use of Smartcard technology to secure the certificate/private keys EPF and P12 files. Smartcard use will benefit the market participant in key management, non-repudiation and portability between servers and workstations. The IESO will announce when provision for Smartcards can be deployed. Until then, the IESO does not recommend placing private keys in a publicly accessible directory on the hard drive of any system. Private keys placed on unsecured hard drives are highly vulnerable to password attacks. These private keys allow designated individuals‟ access to sensitive, proprietary information, and in some cases, allow for submission of bids and offers. Bids and offers are signed with these private keys. If private keys are stolen undetected, and this act is not reported to the IESO LRA, it is possible to submit counterfeit bids and offers. Successfully stolen private keys could also be used by competitors to gain a market advantage by passively watching transactions. Market participants are solely responsible for protecting their private keys and are required under the provisions of the "Certificate Subscriber Agreement" to report immediately to the IESO LRA any suspicious act regarding such that may have taken place. 115 The IESO suggests at a minimum, market participants provide for storage of keys on a floppy disk, secured directory on a workstation or network drive or, some other form of secure media for operational use (e.g. user controlled USB memory card or equivalent). This should be combined with normal backup practices for the most current EPF and P12 files to provide for disaster recovery purposes and to ensure reasonable continuity of access to the IESO secure web servers. If and where the EPF and P12 files are stored on network servers, the IESO recommends that secure individual directories for each user be created and used, rather than a single common directory for all certificate files 40 Public Issue 21.1 – March 15, 2010 - estimated
Participant Technical Reference Manual 2. Participant Workstation, Network & Security used at a market participant. The access to each user's directory must be limited to the user/owner of the certificate files stored within each directory and, where required, to authorized administrative personnel. The management of certificates is up to the market participant within the restrictions of the "Certificate Subscriber Agreement". This does not imply that lost or corrupt EPF and P12 files will result in critical loss of service since the IESO and its CA can securely enable recovery or re-creation of any Certificate Subscriber‟s certificates as per the procedures documented in the "Identity Management Operations Guide". However, there is a procedural time component for „recovery‟ or re-creation, which may result in longer loss of access time than anticipated for the user. 116 Each current EPF file must be stored in one and only one location to prevent potential automatic update conflict problems when used within the MPI or Portal. Multiple copies of an EPF file spread over and actively used at several workstations will result in problems when automatic update is required and will result in de-activation of the certificates until recovery is requested and achieved. 117 The certificate user (i.e. an individual person, computer application) must have read/write access to their certificate EPF and P12 files for access and create/update purposes, but no access to another user's certificate files. As discussed, this can be a local floppy drive, a secure network directory location or other form of secure read/write capable media etc. Read/write access to the files is required only by the market participant user (or in the case of certificates used for access to the market systems via the MIM API, the application/custodian) who 'owns' them. This read/write access does not provide outside parties, such as the IESO or the IESO's Certification Authority, access to the market participant's certificates, servers or workstations through the MPI, Portal or API except those privileges granted by the user during login for downloading the applet etc. All communications between the market participant's systems accessing the IESO secure servers is encrypted within a SSL v3 session for each user. 118 Only a small, limited amount of disk space is required for storage of digital certificate files. Each EPF file typically takes about 10 to 15KB initially upon creation, while the P12 file takes about 4KB in size. Over time, with each updating event, these files will grow as they will contain key and certificate update history. A reasonable storage space requirement for certificate files in any directory / media location is about 100 KB for a single user. Any change to this is easily manageable. 119 MOSMIM and/or the Portal‟s identity management components will check for data integrity, authenticity, and authorization. When bids or offers are uploaded to MOSMIM or an application hosted in the Portal, the Individual or Application Subscriber digitally signs (via the Internet Explorer browser and MIM MPI Applet, TruePass applet or the MIM Programmatic API Application) and submits the bid/offer data and the associated unique digital signature of the data to the IESO. Upon receipt of the uploaded bid/offer data the MOSMIM Web Server or Portal Truepass component takes the data and re-computes the hash of the data. MOSMIM or the Portal hosted application then takes the received digital signature created automatically by user with their private signing key and the MPI Applet, TruePass applet or MIM API and recreates the hash of the data from the signature (a signature is just an encrypted one way hash) using the Individual or Application Subscriber‟s public verification key. If the two independently derived hashes agree, this ensures the data sent and received is identical and was not tampered with in transit. For the MPI and MIM API to ensure the signer is the authenticated user, the user is identified from the SSL (Secure Socket Issue 21.1 – March 15, 2010 - estimated Public 41
Page 1 and 2: MANUAL PUBLIC IMO_MAN_0024 Market M
Page 3 and 4: Participant Technical Reference Man
Page 47: Participant Technical Reference Man
Page 99 and 100:
Appendix B: List of Commonly Used A
show all

Participant Technical Reference Manual - IESO

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?