Banking on interoperability: Secure, interoperable credential management

An interoperable credential system allows users to reference a single asymmetric key pair to logon to multiple web sites and digitally sign transactions. Models that govern how keys are created, authorized, validated, and revoked are a crucial part of such a system. These models have security, scalability, and liability implications for businesses, so the requirements vary depending on the parties involved. However, the prevailing the public key infrastructure (PKI) system does not meet these diverse needs. PKI requires a certificate authority (CA) to act as a trusted third party for the parties in a transaction. For example, PKI features a receiver key validation model that requires the receiver of the transaction to communicate with a CA to validate the sender’s key used to sign a transaction. These aspects conflict with liability concerns and interoperability goals of businesses doing high-value transactions such as wholesale banking. This paper presents Partner Key Management (PKM) as a mechanism which sufficiently addresses security and liability concerns of businesses performing high-value online transactions, and uses wholesale banking as the motivating example. PKM does not rely on a trusted third party, and features several flexible revocation models to accommodate diverse regulations. PKM is not merely a proposal. Rather, the financial industry has implemented the technology in some of its wholesale banking sites thereby securing millions of dollars of transactions every day. Finally, this paper justifies the security of PKM and its flexible revocation models; and illustrates the justification with proofs through formal logic.