{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}

Public Key Infrastructure

Public Key Infrastructure - Public Key Infrastructure 1...

Info iconThis preview shows pages 1–6. Sign up to view the full content.

View Full Document Right Arrow Icon
Public Key Infrastructure 1 Public Key Infrastructure Webster University COMP 5220 Emmet Henry
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Contents What is PKI--------------------------------------------------------------------------------- 3 Security Requirements-------------------------------------------------------------------- 3 Components of PKI------------------------------------------------------------------------ 4 Public Key Cryptography---------------------------------------------------------------- 7 PKI Advantages---------------------------------------------------------------------------- 10 PKI Disadvantages------------------------------------------------------------------------- 11 ID/password or PKI security------------------------------------------------------------- 11 SSL -------------------------------------------------------------------------------------------- 12
Background image of page 2
What is Public Key Infrastructure? Public key infrastructure is a system required to provide key encryption and digital signature services. PKI is a set of policies, procedures, facilities, people, software, and hardware that allow issuing, and managing of public key certificates by establishing trust in distributed environment. Security Requirements: Security requirements of online application are best met by cryptography. These applications must be PKI-enabled to be able to access PKI resources such as certification authority, certificate directory, and certification register. Authentication: any party (sender or receiver) can verify that a user is who he/she claims to be. When an application is PKI enabled, it uses digital signature and public key certificate processes to authenticate individuals, organizations, servers, or any entity. Authorization: verifies that an entity has permission to perform a task, transaction or a right to access certain resources. It also prevents unauthorized activity. Non-repudiation: helps to make it easy to prove that who has done a transaction. The sender or receiver cannot deny a transaction that he/she has done. PKI enabled applications provide the date and time when transaction occurred and maintain an audit log record. Privacy: prevents eavesdropping or unauthorized access. The information should be readable only by the expected receiver.
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Integrity: protects information from tampering. It ensures that a message has not been altered. Components of PKI 1. Security Policy There are two main policies that determine the operational and technical practices of a PKI: The Certificate Policy (CP): A named set of rules that indicate the applicability of a certificate to a particular class of application with common security requirements. The Certification Practice Statement (CPS): A statement of the practices, which a certification authority employs in issuing certificates . 2. End Entity Application (EE) It is implemented as software for the end user and its functions include: - Generate, store and allow access to a user’s public key pair - Complete, sign and submit first time certificate applications - Complete, sign and submit certificate renewal requests - Complete, sign and submit certificate revocation requests - Search for and retrieve certificates and revocation information - Validate certificates and read the certificate contents - Generate and verify digital signatures 3. Certification Authority (CA)
Background image of page 4
Certification authority is a trusted third party to create and assign public key certificates.
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 6
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}