Johnson & Johnson’s

Public Key Infrastructure

Bob Stahl
rstahl@corus.jnj.com
 Johnson & Johnson
• The world’s largest and most comprehensive
manufacturer of health care products
• Founded in 1886
• Headquartered in New Brunswick, New Jersey
• Sales of $42 billion in 2003
• 200+ operating companies in 50+ countries
• 109,000+ employees worldwide
• Customers in over 175 countries

Nov-2004 - 2
 Baseline PKI Architecture

JJEDS JJEDS
Authoritative Offline Root CA CRL
Feeds -
Employees, JJEDS (ORCA) Distribution
Partners,
Enterprise JJEDS Principal Website
Servers,
Email addresses, Directory Online CA
Windows IDs (POLCA)

PKI and Directory Enabled

Applications

Nov-2004 - 3
 JJEDS PKI Principles
• Based on open standards
• Directory-driven
 Directory is the global identity master
• Web-based, self service model
• Strong identity proofing
• Build and operate it ourselves
• Separate signing and encryption keys
• Hardware tokens preferred
• Support operation in FDA-validated environments

Nov-2004 - 4
 Standards Based
• LDAP Directory
• X.509v3 Certificates and CRLs
 RFC 2459, Internet X.509 Public Key
Infrastructure Certificate and CRL Profile
• RFC 2527 Certificate Policy and
Certificate Practice Statement
 Rewrite underway based on RFC 3647

Nov-2004 - 5
 Self-Service Registration
1. New employee, 2. Overnight, Alice has
Alice, is entered an entry in the
Enterprise
into HR Database Enterprise Directory
Directory
4. One-time codes are generated
3. When Alice is ready to get and emailed to Alice and her
her Digital Identity, she visits supervisor
the JJEDS web site

CAC IVC

4. Alice’s supervisor delivers her

5. Alice returns to JJEDS and
authenticates with her IVC and 7. Alice’s certificates are
CAC
6. Alice’s certificates are
generated on her client, and
provide only her ID, not her
access privileges
IVC to her person-to-person
published to the Enterprise
Directory and from there to
the Email directory 9. When Alice’s cert is about
to expire or if her Name or
8. Alice’s signature key is Email changed, then she can
never duplicated -- her revoke her old certificate and
decryption key is escrowed get a new one by herself.
for contingencies

If Alice ever need to recover

an old encryption key, she
can do it herself

Nov-2004 - 6
 Security Vision
Directory- Unique Legal &
Centric identities Regulatory
Corporation for people Compliance
(Global (and
Identity machines)
Eliminate Master) Secure
Passwords Electronic
Transactions
JJEDS
Digital Identities
Authoritative Sources
Nov-2004 - 7
 Applications
• Directory took off on its own –
150,000+ active entries
 WWID-based login
 Workflow routing
 Phonebook replacement
 Online organization charts
 Compliance tracking / training
 Email lookups for applications

Nov-2004 - 8
 PKI Applications
• Remote Access – 60,000+ users
• Secure Email
 Research collaboration
 Legal department
 Marketing
 Personnel discussions
• Adverse event reporting
• Skincare marketing intelligence web site
• SOX compliance reporting
• Ethics certification
• Coming Soon – Enterprise Apps
 e.g., SAP, Oracle, Windows Login

Nov-2004 - 9
 Next Leap - SAFE
• SAFE – Secure Access for Everyone
• What is it?
 Biopharma industry consortium aimed at facilitating
e-transactions through SAFE-wide digital credentials
 Participants include J&J, Pfizer, Merck, GSK,
Aventis, Lilly, PG, Novartis, others
 Technology selected for use: PKI
• PKI perspective:
 Additional emphasis on Digital Signatures

Nov-2004 - 10
 SAFE Value Potential

Nov-2004 - 11