Not being able to control client time synchronization can lead to serious business and legal implications. How can one ascertain that an event on the client side occurred at a valid time? We propose a conceptual and technological framework, together with the necessary tools, to define and implement the VALID TIME concept, which we define as a time interval whose lower and upper values can be determined depending on a given purpose, market or use case.
By distributing authenticated time in a way that allows it to be verified remotely as VALID or INVALID at the client side, we offer unique added-value services such as TRUSTED TIME DISTRIBUTION and remote TIME AUDITING.
This solution allows the dissemination of UTC time over the Internet using NTP (Network Time Protocol). It enables remote assessment of client clock synchronization by providing audits with advanced reporting. It distributes authenticated UTC to the client in a way that the client's time can be verified, also retrospectively, as VALID or INVALID (e.g. for the purpose of litigation in B2B transactions). The service uses public-key cryptography (PKI: Public Key Infrastructure), providing properties such as integrity, non-repudiation, validity and authentication. End-users can use several advanced tools, including an NTP server with trusted UTC and cryptographic RFC 3161 time-stamping of files and documents provided by a built-in TSA (Time Stamping Authority).
Features and benefits
1) Trusted (authenticated) UTC time distribution using standard NTP.
2) Remote (client) clock performance auditing and reporting.
3) Ex-post client time validity verification available from a database (DB).
4) 1-10 millisecond accuracy for Internet connection with microsecond resolution.
5) Equipped with an RFC 3161 TSA (Time Stamping Authority) server.
6) Public-key cryptography for integrity and non-repudiation.
Designed for National Time Authority UTC distribution via TCP/IP and Internet
How it works
The service is ideal for businesses requiring official time from a National Time Authority (NTA): a common, unified, single source of UTC time distributed over Ethernet (TCP/IP) or the public Internet. It can also be used as an efficient auditing tool by independent, trusted third parties (e.g. operators authorized by the NTA). The service might be useful for financial establishments, the telecom industry, power distribution operators, traffic control agencies and public administration. It includes all necessary software (SW) and hardware (HW) components for trusted time distribution, client time auditing, and verification of user time validity.
The architecture of the system is scalable and open to future extensions, such as new protocols (PTP/WR) that improve the accuracy of the service. The minimum configuration includes 2 components:
1) NTS-7000-TSG-SDH time generator (TSG) with built-in audit data collector (SDH) and database (DB). This product is mostly located at the NTA or an authorized third party (operator). It distributes time via LAN or Internet to the user terminal (UT) located at the end-user premises.
2) NTS-7000-UT user terminal (UT) producing UTC output via NTP (also offering TSA functionality). It receives UTC from the TSG and redistributes it locally inside the corporation.
More advanced IT configurations may require multiple NTS-7000-UT units connected to a single NTS-7000-TSG-SDH. Extra-large enterprises and state time distribution systems might require the TSG, SDH and DB to be implemented as separate, autonomously operating components (servers).