SlideShare une entreprise Scribd logo

Securing email and electronic documents with digital certificates, by nicholas davis

Télécharger en tant que PPT, PDF
Nicholas Davis
Nicholas Davis
Technologie
1  sur  31
Securing Email And Electronic Documents With Digital Certificates Nicholas Davis – UW-Madison
Introduction Nicholas Davis PKI Project Lead at UW-Madison Background in encryption and authentication technologies Internet 1.0 is over Compliance is the word for 2010 Digital certificates bring security and assurance to your electronic processes
Session Overview • What is a PKI? • What are digital certificates? • What can they be used for? • History of PKI and digital certificates at UW-Madison • Expansion of PKI to UW System • Question and answer session • Moving forward!
What Is In a PKI? • Credentialing of individuals • Generating certificates • Distributing certificates • Keeping copies of certificates • Reissuing certificates • Revoking Certificates
What is a Digital Certificate?
What is in a Certificate?
Digital Certificate Uses Digital Signing – Sign email and documents to prove that they came from you AND have not been altered from their original form. Encryption – Protects email and attachments from being viewed or altered while in transit or storage Authentication – Replacement for username and password
Digital Signatures • Provides proof of the author • Testifies to message or document integrity • Valuable for both individual or mass email
What Does a Digital Signature Prove? Provides proof that the email came from the purported sender…Is this email really from Britney Spears? Provides proof that the contents of the email have not been altered from the original form
What if This Happens at the UW? Could cause harm in a critical situation Case Scenario Multiple hoax emails sent with Chancellor’s name and email. When real crisis arrives, people might not believe the warning. It is all about trust!
A Digital Signature Can Be Invalid For Many Reasons
Is Email Secure?
Encryption Encrypting data with a digital certificate Secures it end to end. • While in transit • Across the network • While sitting on email servers • While in storage • On your desktop computer • On your laptop computer • On a server
Email Security Do you perceive your email to be as visible as a postcard? Do you send sensitive information in email or as an attachment? How can you be sure the email you send is protected once it reaches its final destination?
Public and Private Keys The digital certificate has two parts, a PUBLIC key and a PRIVATE key The Public Key is distributed to everyone The Private Key is held very closely And NEVER shared Public Key is used for encryption and verification of a digital signature Private Key is used for Digital signing and decryption
Encryption
Getting Someone’s Public Key The Public Key must be shared to be Useful It can be included as part of your Email signature It can be looked up in an LDAP Directory Can you think of the advantages and disadvantages of each method?
Who Could This Public Key Possibly Belong To?
Secure Email is Called S/MIME • S/MIME = Secure Multipurpose Mail Extensions • S/MIME is the industry standard, not a point solution, unique to a specific vendor
Authentication - One Card - One Identity
Credentialing • Non technical, but the most important part of a PKI! • A certificate is only as trustworthy as the underlying credentialing and management system • Certificate Policies and Certificate Practices Statement
Certificate Generation and Storage • How do you know who you are dealing with in the generation process? • Where you keep the certificate is important
Distributing Certificates • Can be done remotely – benefits and drawbacks • Can be done face to face – benefits and drawbacks
Keeping Copies – Key Escrow • Benefit – Available in case of emergency • Drawback – Can be stolen • Compromise is the best! • Use Audit Trails, separation of duties and good accounting controls for key escrow
Certificate Renewal • Just like your passport, digital certificates expire • This is for the safety of the organization and those who do business with it • Short lifetime – more assurance of validity but a pain to renew • Long lifetime – less assurance of validity, but easier to manage • Use a Certificate Revocation List if you are unsure of certificate validity
Trusted Root Authorities • A certificate issuer recognized by all computers around the globe • Root certificates are stored in the computer’s central certificate store • Requires a stringent audit and a lot of money!
It Is All About Trust
Encrypting An Email
Future of PKI at the University of Wisconsin Migrating to a new PKI provider 5 year lifetime on certificates LDAP push and pull connectivity Beyond UW-Madison, to include other UW System campuses Secure business communications via email between campuses Perhaps replacing username and password authentication for sensitive applications.
It Really Is Up To You! • Digital certificates / PKI is not hard to implement • It provides end to end security of sensitive communications • It is comprehensive, not a mix of point solutions • Internet 1.0 is gone, let’s get down to the business of securing our communications.
Question and Answer Session • Nicholas Davis • ndavis1@wisc.edu • Please let me know how I can be of assistance in your PKI, digital signature and secure email efforts

Recommandé

Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Nicholas Davis
 
Pki the key to securing sensitive communications
Pki the key to securing sensitive communicationsPki the key to securing sensitive communications
Pki the key to securing sensitive communicationsNicholas Davis
 
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...Nicholas Davis
 
Digital signature
Digital signatureDigital signature
Digital signatureJanani S
 
How to secure your emails for sensitive docs
How to secure your emails for sensitive docsHow to secure your emails for sensitive docs
How to secure your emails for sensitive docsDavid Strom
 
Digital signature service in noida
Digital signature service in noidaDigital signature service in noida
Digital signature service in noidaDSC Delhi
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureAdarsh Kumar Yadav
 
Into the Cloud
Into the CloudInto the Cloud
Into the CloudAmazon Web Services
 

Recommandé

Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...
Pki & Personal Digital Certificates, Securing Sensitive Electronic Commun...Nicholas Davis
 
Pki the key to securing sensitive communications
Pki the key to securing sensitive communicationsPki the key to securing sensitive communications
Pki the key to securing sensitive communicationsNicholas Davis
 
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...
Pki & Personal Digital Certificates, The Key To Securing Sensitive Electr...Nicholas Davis
 
Digital signature
Digital signatureDigital signature
Digital signatureJanani S
 
How to secure your emails for sensitive docs
How to secure your emails for sensitive docsHow to secure your emails for sensitive docs
How to secure your emails for sensitive docsDavid Strom
 
Digital signature service in noida
Digital signature service in noidaDigital signature service in noida
Digital signature service in noidaDSC Delhi
 
Digital Signature
Digital SignatureDigital Signature
Digital SignatureAdarsh Kumar Yadav
 
Into the Cloud
Into the CloudInto the Cloud
Into the CloudAmazon Web Services
 
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...Paul Pivec
 
FAMILY DIGITAL LITERACY - Professor Jackie Marsh
FAMILY DIGITAL LITERACY - Professor Jackie MarshFAMILY DIGITAL LITERACY - Professor Jackie Marsh
FAMILY DIGITAL LITERACY - Professor Jackie MarshREAL-project
 
Zondle radionica u Puli
Zondle radionica u PuliZondle radionica u Puli
Zondle radionica u PuliBosiljko Đerek
 
Digital Art and Games
Digital Art and GamesDigital Art and Games
Digital Art and GamesNelson Zagalo
 
Digital stop watch
Digital stop watchDigital stop watch
Digital stop watchviv3ksharma
 
DIGITAL MARKETING
DIGITAL MARKETINGDIGITAL MARKETING
DIGITAL MARKETINGPreethi VG
 
Nand gate
Nand gateNand gate
Nand gateAnupam Narang
 
Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Nicholas Davis
 
Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Nicholas Davis
 
Pki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinPki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinNicholas Davis
 
Cryptography
CryptographyCryptography
CryptographyNicholas Davis
 
Cryptography
CryptographyCryptography
CryptographyNicholas Davis
 
Using Digital Certificates To Secure Sensitive Communications At Uw Madison
Using Digital Certificates To Secure Sensitive Communications At Uw MadisonUsing Digital Certificates To Secure Sensitive Communications At Uw Madison
Using Digital Certificates To Secure Sensitive Communications At Uw MadisonNicholas Davis
 
Using digital certificates to secure sensitive communications at uw madison
Using digital certificates to secure sensitive communications at uw madisonUsing digital certificates to secure sensitive communications at uw madison
Using digital certificates to secure sensitive communications at uw madisonNicholas Davis
 
Healthcare information security secure sensitive communications within the ...
Healthcare information security secure sensitive communications within the ...Healthcare information security secure sensitive communications within the ...
Healthcare information security secure sensitive communications within the ...Nicholas Davis
 
Healthcare Information Security Secure Sensitive Communications Within The ...
Healthcare Information Security Secure Sensitive Communications Within The ...Healthcare Information Security Secure Sensitive Communications Within The ...
Healthcare Information Security Secure Sensitive Communications Within The ...Nicholas Davis
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
Authentication technologies
Authentication technologiesAuthentication technologies
Authentication technologiesNicholas Davis
 
Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Hai Nguyen
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryptionMohammad Yousri
 
Electronic security
Electronic securityElectronic security
Electronic securityWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.
 
Electronic Security
Electronic SecurityElectronic Security
Electronic SecurityWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.
 

Contenu connexe

En vedette

Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...Paul Pivec
 
FAMILY DIGITAL LITERACY - Professor Jackie Marsh
FAMILY DIGITAL LITERACY - Professor Jackie MarshFAMILY DIGITAL LITERACY - Professor Jackie Marsh
FAMILY DIGITAL LITERACY - Professor Jackie MarshREAL-project
 
Digital Art and Games
Digital Art and GamesDigital Art and Games
Digital Art and GamesNelson Zagalo
 
Digital stop watch
Digital stop watchDigital stop watch
Digital stop watchviv3ksharma
 
DIGITAL MARKETING
DIGITAL MARKETINGDIGITAL MARKETING
DIGITAL MARKETINGPreethi VG
 

En vedette (7)

Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
Keynote iGBL Conference. Digital Me. A Revolutionary Game-Based Method to Off...
 
FAMILY DIGITAL LITERACY - Professor Jackie Marsh
FAMILY DIGITAL LITERACY - Professor Jackie MarshFAMILY DIGITAL LITERACY - Professor Jackie Marsh
FAMILY DIGITAL LITERACY - Professor Jackie Marsh
 
Zondle radionica u Puli
Zondle radionica u PuliZondle radionica u Puli
Zondle radionica u Puli
 
Digital Art and Games
Digital Art and GamesDigital Art and Games
Digital Art and Games
 
Digital stop watch
Digital stop watchDigital stop watch
Digital stop watch
 
DIGITAL MARKETING
DIGITAL MARKETINGDIGITAL MARKETING
DIGITAL MARKETING
 
Nand gate
Nand gateNand gate
Nand gate
 

Similaire à Securing email and electronic documents with digital certificates, by nicholas davis

Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Nicholas Davis
 
Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Nicholas Davis
 
Pki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinPki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinNicholas Davis
 
Using Digital Certificates To Secure Sensitive Communications At Uw Madison
Using Digital Certificates To Secure Sensitive Communications At Uw MadisonUsing Digital Certificates To Secure Sensitive Communications At Uw Madison
Using Digital Certificates To Secure Sensitive Communications At Uw MadisonNicholas Davis
 
Using digital certificates to secure sensitive communications at uw madison
Using digital certificates to secure sensitive communications at uw madisonUsing digital certificates to secure sensitive communications at uw madison
Using digital certificates to secure sensitive communications at uw madisonNicholas Davis
 
Healthcare information security secure sensitive communications within the ...
Healthcare information security secure sensitive communications within the ...Healthcare information security secure sensitive communications within the ...
Healthcare information security secure sensitive communications within the ...Nicholas Davis
 
Healthcare Information Security Secure Sensitive Communications Within The ...
Healthcare Information Security Secure Sensitive Communications Within The ...Healthcare Information Security Secure Sensitive Communications Within The ...
Healthcare Information Security Secure Sensitive Communications Within The ...Nicholas Davis
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication TechnologiesNicholas Davis
 
Authentication technologies
Authentication technologiesAuthentication technologies
Authentication technologiesNicholas Davis
 
Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Hai Nguyen
 
Information Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgInformation Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgEric Vanderburg
 
Jerad Bates - Public Key Infrastructure.ppt
Jerad Bates - Public Key Infrastructure.pptJerad Bates - Public Key Infrastructure.ppt
Jerad Bates - Public Key Infrastructure.pptSmeetaJavalagi
 
Jerad Bates - Public Key Infrastructure (1).ppt
Jerad Bates - Public Key Infrastructure (1).pptJerad Bates - Public Key Infrastructure (1).ppt
Jerad Bates - Public Key Infrastructure (1).pptMehediHasanShaon1
 
Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Keynectis
 
Presentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesPresentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesVivaka Nand
 

Similaire à Securing email and electronic documents with digital certificates, by nicholas davis (20)

Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...Pki & personal digital certificates, securing sensitive electronic communicat...
Pki & personal digital certificates, securing sensitive electronic communicat...
 
Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...Pki & personal digital certificates, the key to securing sensitive electronic...
Pki & personal digital certificates, the key to securing sensitive electronic...
 
Pki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University WisconsinPki Digital Id Itmc University Wisconsin
Pki Digital Id Itmc University Wisconsin
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
Using Digital Certificates To Secure Sensitive Communications At Uw Madison
Using Digital Certificates To Secure Sensitive Communications At Uw MadisonUsing Digital Certificates To Secure Sensitive Communications At Uw Madison
Using Digital Certificates To Secure Sensitive Communications At Uw Madison
 
Using digital certificates to secure sensitive communications at uw madison
Using digital certificates to secure sensitive communications at uw madisonUsing digital certificates to secure sensitive communications at uw madison
Using digital certificates to secure sensitive communications at uw madison
 
Healthcare information security secure sensitive communications within the ...
Healthcare information security secure sensitive communications within the ...Healthcare information security secure sensitive communications within the ...
Healthcare information security secure sensitive communications within the ...
 
Healthcare Information Security Secure Sensitive Communications Within The ...
Healthcare Information Security Secure Sensitive Communications Within The ...Healthcare Information Security Secure Sensitive Communications Within The ...
Healthcare Information Security Secure Sensitive Communications Within The ...
 
Authentication Technologies
Authentication TechnologiesAuthentication Technologies
Authentication Technologies
 
Authentication technologies
Authentication technologiesAuthentication technologies
Authentication technologies
 
Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01Authenticationtechnologies 120711134100-phpapp01
Authenticationtechnologies 120711134100-phpapp01
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
Electronic security
Electronic securityElectronic security
Electronic security
 
Electronic Security
Electronic SecurityElectronic Security
Electronic Security
 
Information Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgInformation Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric Vanderburg
 
Jerad Bates - Public Key Infrastructure.ppt
Jerad Bates - Public Key Infrastructure.pptJerad Bates - Public Key Infrastructure.ppt
Jerad Bates - Public Key Infrastructure.ppt
 
Jerad Bates - Public Key Infrastructure (1).ppt
Jerad Bates - Public Key Infrastructure (1).pptJerad Bates - Public Key Infrastructure (1).ppt
Jerad Bates - Public Key Infrastructure (1).ppt
 
Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...Why and how to implement strong authentication on the web cartes 2010 - pat...
Why and how to implement strong authentication on the web cartes 2010 - pat...
 
Presentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificatesPresentation on digital signatures & digital certificates
Presentation on digital signatures & digital certificates
 

Plus de Nicholas Davis

Conducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) AssessmentConducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) AssessmentNicholas Davis
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessNicholas Davis
 
UW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support SystemsUW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support SystemsNicholas Davis
 
Software Development Methodologies
Software Development MethodologiesSoftware Development Methodologies
Software Development MethodologiesNicholas Davis
 
Information systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD SecurityInformation systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD SecurityNicholas Davis
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Nicholas Davis
 
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...Nicholas Davis
 
Information Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things OverviewInformation Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things OverviewNicholas Davis
 
Cyberwar Gets Personal
Cyberwar Gets PersonalCyberwar Gets Personal
Cyberwar Gets PersonalNicholas Davis
 
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...Nicholas Davis
 
Bringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team ProjectBringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team ProjectNicholas Davis
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...Nicholas Davis
 
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...Nicholas Davis
 
Information Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up SummaryInformation Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up SummaryNicholas Davis
 
Organizational Phishing Education
Organizational Phishing EducationOrganizational Phishing Education
Organizational Phishing EducationNicholas Davis
 
Security Operations -- An Overview
Security Operations -- An OverviewSecurity Operations -- An Overview
Security Operations -- An OverviewNicholas Davis
 
Network Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security ImplicationsNetwork Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security ImplicationsNicholas Davis
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application SecurityNicholas Davis
 
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...Nicholas Davis
 

Plus de Nicholas Davis (20)

Conducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) AssessmentConducting a NIST Cybersecurity Framework (CSF) Assessment
Conducting a NIST Cybersecurity Framework (CSF) Assessment
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your Business
 
UW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support SystemsUW-Madison, Information Systems 371 - Decision Support Systems
UW-Madison, Information Systems 371 - Decision Support Systems
 
Lecture blockchain
Lecture blockchainLecture blockchain
Lecture blockchain
 
Software Development Methodologies
Software Development MethodologiesSoftware Development Methodologies
Software Development Methodologies
 
Information systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD SecurityInformation systems 365 - Cloud and BYOD Security
Information systems 365 - Cloud and BYOD Security
 
Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids Information Security Awareness: at Work, at Home, and For Your Kids
Information Security Awareness: at Work, at Home, and For Your Kids
 
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
Information Systems 365/765, Lecture 4, Policies, Data Classification, Traini...
 
Information Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things OverviewInformation Systems 371 -The Internet of Things Overview
Information Systems 371 -The Internet of Things Overview
 
Cyberwar Gets Personal
Cyberwar Gets PersonalCyberwar Gets Personal
Cyberwar Gets Personal
 
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
University of Wisconsin-Madison, Information Security 365/765 Course Summary,...
 
Bringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team ProjectBringing the Entire Information Security Semester Together With a Team Project
Bringing the Entire Information Security Semester Together With a Team Project
 
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
The Deep and Dark Web - Spooky Halloween Information Security Lecture -- Info...
 
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
Student Presentation Sample (Netflix) -- Information Security 365/765 -- UW-M...
 
Information Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up SummaryInformation Security Fall Semester 2016 - Course Wrap Up Summary
Information Security Fall Semester 2016 - Course Wrap Up Summary
 
Organizational Phishing Education
Organizational Phishing EducationOrganizational Phishing Education
Organizational Phishing Education
 
Security Operations -- An Overview
Security Operations -- An OverviewSecurity Operations -- An Overview
Security Operations -- An Overview
 
Network Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security ImplicationsNetwork Design, Common Network Terminology and Security Implications
Network Design, Common Network Terminology and Security Implications
 
Survey Presentation About Application Security
Survey Presentation About Application SecuritySurvey Presentation About Application Security
Survey Presentation About Application Security
 
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
Information Security 365/765 Lecture 13 – Legal Regulations, Industry Compli...
 

Dernier

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Dernier (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Securing email and electronic documents with digital certificates, by nicholas davis

  • 1. Securing Email And Electronic Documents With Digital Certificates Nicholas Davis – UW-Madison
  • 2. Introduction Nicholas Davis PKI Project Lead at UW-Madison Background in encryption and authentication technologies Internet 1.0 is over Compliance is the word for 2010 Digital certificates bring security and assurance to your electronic processes
  • 3. Session Overview • What is a PKI? • What are digital certificates? • What can they be used for? • History of PKI and digital certificates at UW-Madison • Expansion of PKI to UW System • Question and answer session • Moving forward!
  • 4. What Is In a PKI? • Credentialing of individuals • Generating certificates • Distributing certificates • Keeping copies of certificates • Reissuing certificates • Revoking Certificates
  • 5. What is a Digital Certificate?
  • 6. What is in a Certificate?
  • 7. Digital Certificate Uses Digital Signing – Sign email and documents to prove that they came from you AND have not been altered from their original form. Encryption – Protects email and attachments from being viewed or altered while in transit or storage Authentication – Replacement for username and password
  • 8. Digital Signatures • Provides proof of the author • Testifies to message or document integrity • Valuable for both individual or mass email
  • 9. What Does a Digital Signature Prove? Provides proof that the email came from the purported sender…Is this email really from Britney Spears? Provides proof that the contents of the email have not been altered from the original form
  • 10. What if This Happens at the UW? Could cause harm in a critical situation Case Scenario Multiple hoax emails sent with Chancellor’s name and email. When real crisis arrives, people might not believe the warning. It is all about trust!
  • 11. A Digital Signature Can Be Invalid For Many Reasons
  • 13. Encryption Encrypting data with a digital certificate Secures it end to end. • While in transit • Across the network • While sitting on email servers • While in storage • On your desktop computer • On your laptop computer • On a server
  • 14. Email Security Do you perceive your email to be as visible as a postcard? Do you send sensitive information in email or as an attachment? How can you be sure the email you send is protected once it reaches its final destination?
  • 15. Public and Private Keys The digital certificate has two parts, a PUBLIC key and a PRIVATE key The Public Key is distributed to everyone The Private Key is held very closely And NEVER shared Public Key is used for encryption and verification of a digital signature Private Key is used for Digital signing and decryption
  • 17. Getting Someone’s Public Key The Public Key must be shared to be Useful It can be included as part of your Email signature It can be looked up in an LDAP Directory Can you think of the advantages and disadvantages of each method?
  • 18. Who Could This Public Key Possibly Belong To?
  • 19. Secure Email is Called S/MIME • S/MIME = Secure Multipurpose Mail Extensions • S/MIME is the industry standard, not a point solution, unique to a specific vendor
  • 20. Authentication - One Card - One Identity
  • 21. Credentialing • Non technical, but the most important part of a PKI! • A certificate is only as trustworthy as the underlying credentialing and management system • Certificate Policies and Certificate Practices Statement
  • 22. Certificate Generation and Storage • How do you know who you are dealing with in the generation process? • Where you keep the certificate is important
  • 23. Distributing Certificates • Can be done remotely – benefits and drawbacks • Can be done face to face – benefits and drawbacks
  • 24. Keeping Copies – Key Escrow • Benefit – Available in case of emergency • Drawback – Can be stolen • Compromise is the best! • Use Audit Trails, separation of duties and good accounting controls for key escrow
  • 25. Certificate Renewal • Just like your passport, digital certificates expire • This is for the safety of the organization and those who do business with it • Short lifetime – more assurance of validity but a pain to renew • Long lifetime – less assurance of validity, but easier to manage • Use a Certificate Revocation List if you are unsure of certificate validity
  • 26. Trusted Root Authorities • A certificate issuer recognized by all computers around the globe • Root certificates are stored in the computer’s central certificate store • Requires a stringent audit and a lot of money!
  • 27. It Is All About Trust
  • 29. Future of PKI at the University of Wisconsin Migrating to a new PKI provider 5 year lifetime on certificates LDAP push and pull connectivity Beyond UW-Madison, to include other UW System campuses Secure business communications via email between campuses Perhaps replacing username and password authentication for sensitive applications.
  • 30. It Really Is Up To You! • Digital certificates / PKI is not hard to implement • It provides end to end security of sensitive communications • It is comprehensive, not a mix of point solutions • Internet 1.0 is gone, let’s get down to the business of securing our communications.
  • 31. Question and Answer Session • Nicholas Davis • ndavis1@wisc.edu • Please let me know how I can be of assistance in your PKI, digital signature and secure email efforts