Clients who intend to communicate electronically with the Department through the ICS must purchase one or more digital certificates. Clients are required to use PKI technology.
The security features of PKI include:
- authentication (knowing who the message is from)
- integrity (knowing it has not been tampered with)
- non-repudiation (knowing that the sender cannot deny having sent it)
The Department's PKI framework is established under the Government's 'Gatekeeper Strategy'. This means that the Department will only accept certificates issued by Certifying Authorities accredited under Gatekeeper, and which also meet the Department's service level standards.
Currently the only Gatekeeper accredited Certifying Authority recognised by the Department is Symantec Australia. Digital certificates are purchased through Symantec.
Visit the Symantec website.
What is a digital certificate?
A digital certificate should be considered as an electronic signature of either an individual and/or related entity. The digital certificate exists as a software file and is housed within web-browsers. A digital certificate creates a unique identifier that can be checked by the receiver of information to provide evidence of the sender's identity and confirm that the document (if signed) has not been altered or interfered with.
A digital certificate contains two separate certificate parts (each with public and private keys); one for signing (authenticating) and another for encrypting/decrypting electronic messages.