Digital certificates ensure secure transactions over the internet. This presentation is about information security and secure online transactions through digital certificates.
Courtesy: www.ifour-consultancy.com
4. Digital Certificate
• Electronic counterparts to driver licenses, passports
• Prove your identity or right to access information or
services online
• Bind an identity to a pair of electronic keys
• Provide a more complete security solution
• Role of Certification Authority (CA)
5. Digital Certificates
• Structure of Digital Certificate
– Owner's public key
– Owner's name
– Expiration date of the public key
– Name of the issuer (the CA that issued the Digital
Certificate)
– Serial number of the Digital Certificate
– Digital signature of the issuer
• Defined by the CCITT X.509 international
standard
6. Digital Certificates
• Provide support for public key cryptography (PKC)
• Digital certificates contain the public key of the entity
• They rely on PKC for their own authentication
• Used on handheld devices, mobile phones, on
portable cards, smart cards
7. Public Key Infrastructure (PKI)
A public key infrastructure (PKI) consists of the
components necessary to securely distribute public
keys
It consists of:
– Certificates
– Certificate authorities (CAs)
– A repository for retrieving certificates
– A method for revoking certificates
– A method of evaluating a chain of certificates
8. Public Key Infrastructures (PKIs)
• To use public key methods, an organization
must establish a comprehensive Public Key
Infrastructure (PKI)
– A PKI automates most aspects of using public key
encryption and authentication
– Uses a PKI Server
9. Public Key Infrastructures (PKIs)
• PKI Server Creates Public Key-Private Key Pairs
– Distributes private keys to applicants securely
– Often, private keys are embedded in delivered
software
[Diagram: PKI Server, Private Key]
10. Public Key Infrastructures (PKIs)
• PKI Server Provides Certificate Revocation
list (CRL) Checks
– Distributes digital certificates to verifiers
– Checks certificate revocation list before sending
digital certificates
[Diagram: PKI Server, Digital Certificate]
11. Public Key Infrastructures (PKIs)
• CRL Checks
– If applicant gives verifier a digital certificate,
– The verifier must check the certificate revocation
list
[Diagram: PKI Server, "OK?", "OK or Revoked", CRL]
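Added example (not part of the original slides): a verifier's checks on a certificate carrying the fields from slide 5, ending with the CRL lookup from slide 11. The Certificate class, ca_issue, verify, the "Example CA" name and the toy RSA key are assumptions made for illustration; a real certificate uses X.509 encoding and full-size keys.

```python
import hashlib
from dataclasses import dataclass, replace
from datetime import datetime, timezone

# Constructed toy RSA key for a hypothetical CA: two Mersenne primes, far too
# small for real use, chosen so the example runs on the standard library alone.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))   # D is the CA's private exponent

@dataclass(frozen=True)
class Certificate:                 # the fields listed on slide 5
    owner: str
    owner_public_key: int
    not_after: datetime            # expiration date
    issuer: str
    serial: int
    signature: int = 0             # issuer's signature over the other fields

def digest(cert, n):
    tbs = f"{cert.owner}|{cert.owner_public_key}|{cert.not_after.isoformat()}|{cert.issuer}|{cert.serial}"
    return int.from_bytes(hashlib.sha256(tbs.encode()).digest(), "big") % n

def ca_issue(owner, public_key, not_after, serial, issuer="Example CA"):
    unsigned = Certificate(owner, public_key, not_after, issuer, serial)
    return replace(unsigned, signature=pow(digest(unsigned, N), D, N))

def verify(cert, trusted, crl, now):
    """Return 'OK' or the reason the verifier rejects the certificate."""
    if cert.issuer not in trusted:
        return "untrusted issuer"
    n, e = trusted[cert.issuer]
    if pow(cert.signature, e, n) != digest(cert, n):
        return "bad signature"
    if now > cert.not_after:
        return "expired"
    if (cert.issuer, cert.serial) in crl:      # CRL entries: issuer + serial number
        return "revoked"
    return "OK"

# Constructed sample data
TRUSTED = {"Example CA": (N, E)}               # CA public keys the verifier trusts
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
EXPIRY = datetime(2025, 1, 1, tzinfo=timezone.utc)
alice = ca_issue("alice", 0xA11CE, EXPIRY, serial=1001)
bob = ca_issue("bob", 0xB0B, EXPIRY, serial=1002)
CRL = {("Example CA", 1002)}                   # bob's certificate has been revoked

if __name__ == "__main__":
    for c in (alice, bob):
        print(c.owner, verify(c, TRUSTED, CRL, NOW))
```

A certificate with a valid signature and an unexpired date is still rejected once its serial number appears on the issuer's CRL, which is why the verifier cannot skip that lookup.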
16. Need of Digital Certificates
• Proper Privacy and Security
• Trust
• Special safeguards
• Assuring the identity of all parties
• To provide legitimate content
17. Digital Certificate Services
• Services
– Issuing
– Revocation
– Status services
• Types of Digital Certificates
– Server
– Developer (for software)
– Personal
18. Digital Signature
• Functions as the electronic equivalent of a
handwritten signature
• Provides non-repudiation
• Enable "authentication" of digital messages