1 / 12

Public Key Infrastructure in EBusiness

Public Key Infrastructure in EBusiness. By Umair Ali. Introduction. PKI - a security architecture – over the internet. Provides an increased level of confidence for exchanging information. architecture addresses confidentiality, integrity, non-repudiation and authorization of data.

riva
Download Presentation

Public Key Infrastructure in EBusiness

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public Key Infrastructurein EBusiness By Umair Ali

  2. Introduction • PKI - a security architecture – over the internet. • Provides an increased level of confidence for exchanging information. • architecture addresses confidentiality, integrity, non-repudiation and authorization of data. • Supports the distribution, management, expiration, rollover, backup, revoking of public and private keys

  3. Components of PKI • The End-Entities (EE) – end user or an application. • The Certificate Authority (CA) – third party assigns certificates • The Certificate Repository (CR) - stores certificates that are issued and also revoked certificates • The Registration Authority (RA) – optional component • Digital Certificates (X.509 V3) -

  4. Implementation steps • Gather information • Make decision • Choose PKI vendors • Prepare infrastructure • Implement PKI

  5. PKI interoperability • also known as multi vendor interoperability – where different technologies from different vendors are used by different clients including different applications. • Interoperability helps to support transactions between different parties that use different technology supplied by the different vendors

  6. PKI interoperability - Issues • Different policies for issued certificates • Different features in PKI applications • Different certificate storage and retrieval standards • Different X.509 extensions • Different obligations on certificate subjects • Different PKI knowledge among organizational staff

  7. Interoperability Model • Hierarchical model • Peer to Peer model also known as Mesh Model • Bridge Model

  8. Hierarchical Model http://www.galexia.com/public/research/assets/pki_interoperability_models_2005/pki_interoperability_models_2005-4_1_.html

  9. Cross-Certification (Mesh) Model http://www.galexia.com/public/research/assets/pki_interoperability_models_2005/pki_interoperability_models_2005-4_1_.html

  10. Bridge Model http://www.galexia.com/public/research/assets/pki_interoperability_models_2005/pki_interoperability_models_2005-4_1_.html

  11. Current important PKI Designs • Europe - ISA • OASIS PKI Forum • The Asia PKI Forum • APEC

  12. Thank you for your attention You question My Answer 

More Related