5. Receiving party verifies digital signature with sender's public key and requests verification of sender's digital certificate from CA's public repository.
6. Repository reports status of subscriber's certificate.
There are four main types of digital certificates:
Server Certificates
Personal Certificates
Organization Certificates
Developer Certificates
Server Certificates
Allows visitors to exchange personal information such as credit card numbers, free from the threat of interception or tampering. Server Certificates are a must for building and designing e-commerce sites as confidential information is shared between clients, customers and vendors.
Personal Certificates
Personal Certificates allow one to authenticate a visitor's identity and restrict access to specified content to particular visitors. Personal Certificates are perfect for business-to-business communications such as offering suppliers and partners controlled access to special web sites for updating product availability, shipping dates and inventory management.
Organization Certificates
Organization Certificates are used by corporate entities to identify employees for secure e-mail and web-based transactions.
Developer Certificates
Developer Certificates prove authorship and retain integrity of distributed software programs, e.g. installing software on a computer system in most instances requires what is called a serial key.
Example of a Certificate:
Serial number (unique to issuer)
Info about certificate owner, including algorithm and key value itself (not shown)
Info about certificate issuer
Valid dates
Digital signature by issuer
When Alice wants Bob's public key:
Alice gets Bob's certificate (from Bob or elsewhere).
Alice applies the CA's public key to Bob's certificate to get Bob's public key.
[Figure: the CA public key (K CA) is applied to the digital signature on Bob's certificate (decrypt) to recover Bob's public key (KB +).]
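The check Alice performs above, together with the repository status lookup from steps 5 and 6, as an added example that is not from the original slides. The CA key is a constructed textbook-RSA key (no padding, easily factored), and the names `ca_issue`, `verify_certificate`, `revoked_serials`, "Example CA" and the sample certificate are all assumptions made for illustration.

```python
import hashlib
from datetime import date

# Constructed demo CA key: textbook RSA over two Mersenne primes, no padding.
# Easy to factor; for illustration only.
P, Q, CA_E = 2**521 - 1, 2**607 - 1, 65537
CA_N = P * Q                                  # CA public key is (CA_N, CA_E)
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))       # CA private exponent

SIGNED_FIELDS = ("serial", "owner", "owner_key", "issuer", "not_before", "not_after")

def digest_int(cert):
    """SHA-256 over the signed fields, as an integer below CA_N."""
    data = repr(tuple(cert[f] for f in SIGNED_FIELDS)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def ca_issue(serial, owner, owner_key, not_before, not_after):
    """CA side: bind owner to owner_key by signing the certificate fields."""
    cert = dict(serial=serial, owner=owner, owner_key=owner_key,
                issuer="Example CA", not_before=not_before, not_after=not_after)
    cert["signature"] = pow(digest_int(cert), CA_D, CA_N)
    return cert

def verify_certificate(cert, today, revoked_serials):
    """Relying party: return (owner_key, "ok") or (None, reason)."""
    # Apply the CA public key to the signature and compare with our own digest.
    if pow(cert["signature"], CA_E, CA_N) != digest_int(cert):
        return None, "bad signature"
    if not cert["not_before"] <= today <= cert["not_after"]:
        return None, "outside validity dates"
    # Stand-in for asking the CA's repository for the certificate status.
    if cert["serial"] in revoked_serials:
        return None, "revoked"
    return cert["owner_key"], "ok"

# Constructed sample: Bob's certificate and a copy with a substituted key.
BOB = ca_issue(1001, "Bob", "bob-public-key-bytes", date(2024, 1, 1), date(2025, 1, 1))
FORGED = dict(BOB, owner_key="attacker-public-key-bytes")

if __name__ == "__main__":
    print(verify_certificate(BOB, date(2024, 6, 1), set()))
    print(verify_certificate(FORGED, date(2024, 6, 1), set()))
    print(verify_certificate(BOB, date(2024, 6, 1), {1001}))
```

The key is returned only after the signature, validity dates and status checks all pass, so a certificate whose key field was swapped after issuance is rejected before the key is ever used.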
a number of Internet applications that include:
1. Secure Socket Layer (SSL), developed by Netscape Communications Corporation
2. Secure Multipurpose Internet Mail Extensions (S/MIME), a standard for securing email and electronic data interchange (EDI)
3. Secure Electronic Transactions (SET), a protocol for securing electronic payments
4. Internet Protocol Secure Standard (IPSec), for authenticating networking devices
malls, electronic banking and other electronic services are commonplace, offering service from the luxury of one's home. One's concern about privacy and security may prevent one from taking advantage of the luxury; this is where digital certificates come in.
Encryption alone is not enough, as it provides no proof of the identity of the sender of the encrypted information. Used in conjunction with encryption, Digital Certificates provide a more complete security solution, assuring the identity of all the parties involved in a transaction.
MS Explorer Users:-
1. Open your MS Internet Explorer
2. Click on the Tools menu
3. From the drop-down list, select Internet options
4. Click the Content tab
5. Click the Certificates button
Netscape users:-
1. Open your Netscape Communicator
2. Click on the Communicator menu
3. From the drop-down list, select Tools and then Security info
4. Click on the Certificates link to view and learn more about each certificate type stored by Netscape
the number of passwords a user has to remember to gain access to different network domains. They create an electronic audit trail that allows companies to track down who executed a transaction or accessed an area.
problem with a digital certificate is where it resides once it is obtained. The owner's certificate sits on his computer, and it is the sole responsibility of the owner to protect it. If the owner walks away from his computer, others can gain access to it and use his digital certificate to execute unauthorized business.
The best way to address the vulnerabilities of digital certificates is by combining them with biometric technology, as that confirms the actual identity of the sender, rather than the computer.
Glossary
PKI - Public Key Infrastructure (PKI) provides a framework for addressing the previously illustrated fundamentals of security listed above.
Encryption - Encryption is the conversion of data into seemingly random, incomprehensible data.
Decryption - Decryption is reversing encryption via the use of Public and Private Keys.
In Conclusion
Public Key Cryptography is used in message authentication and key distribution. Key management is achieved by Digital Certificates, which are a mechanism that enables distribution of keys to participants exchanging information. They ensure the Confidentiality of these messages and the Authentication of the participants.
The strength of Digital Certificates through X.509 lies, inter alia, in the fact that they have been standardized by the ITU-T. This makes for security in investment and training, as it is assured Digital Certificates will be maintained in the future.