Public Key Infrastructure (PDF)
Building Trusted Applications and Web Services
(Sprache: Englisch)
With the recent Electronic Signatures in Global and National Commerce Act, public key cryptography, digital signatures, and digital certificates are finally emerging as a ubiquitous part of the Information Technology landscape. Although these technologies...
sofort als Download lieferbar
eBook (pdf)
63.49 €
31 DeutschlandCard Punkte sammeln
- Lastschrift, Kreditkarte, Paypal, Rechnung
- Kostenloser tolino webreader
Produktdetails
Produktinformationen zu „Public Key Infrastructure (PDF)“
With the recent Electronic Signatures in Global and National Commerce Act, public key cryptography, digital signatures, and digital certificates are finally emerging as a ubiquitous part of the Information Technology landscape. Although these technologies have been around for over twenty years, this legislative move will surely boost e-commerce activity. Secure electronic business transactions, such as contracts, legal documents, insurance, and bank loans are now legally recognized. In order to adjust to the realities of the marketplace, other services may be needed, such as a non-repudiation service, digital notary, or digital time-stamping service. The collection of these components, known as Public Key Infrastructure (PKI), is paving the way for secure communications within organizations and on the public Internet.
Lese-Probe zu „Public Key Infrastructure (PDF)“
II ANALYZING AND DESIGNING PUBLICKEY INFRASTRUCTURES (p. 159-160) With regard to PKI architectural design considerations, the system administrator for the network server must install and configure the necessary security software in various secure locations, and make this software accessible to the security officers. System resources and network bandwidth must be available for the certificate issuance, verification, storage, and revocation processes. Thus, the PKI architecture's four functional design components are:
1. A certification authority (CA)
2. Optionally, one or more registration authorities (RAs)
3. Public directories
4. Client-side software
The CA system is established on a secure server that houses software for issuing and signing certificates and publishing certificate information in the directory server. If needed in larger environments, a hierarchy of CAs can be established. The CA is managed by a principle security officer who is responsible for the overall security and maintenance of the PKI. One or more RAs can be established to process user requests for certificates and other certificate management functions. Security administration officers can be chosen and assigned routine certificate management functions, such as manual issuance and revocation of user certificates.
Directories must be configured for storing certificates, and for synchronizing this information as needed to distribute certificates throughout an enterprise. The system administrator responsible for the directories must be made aware of the requirements of the directory for storage and maintenance of the certificates. The directories may need to be upgraded to use the Lightweight Directory Access Protocol (LDAP) standards, or reconfigured to enable security. Thus, a comprehensive PKI architecture design solution includes client-side software that operates consistently and transparently with existing applications to take advantage of encryption and
... mehr
digital certificates.
With the preceding in mind, this section begins with Chapter 12, which concentrates on a small but interesting area of software security based on public key cryptographic technology. Next, Chapter 13 is not about PKI technology, rather, it is about time and money. Then, Chapter 14 discusses why a number of enterprises develop the many significant standards related to PKI. Finally, Chapter 15 discusses PKI architectural design considerations. The first part of the chapter describes the requirements of a public key infrastructure. Next, the chapter presents the high-level structure of the PKI architecture by grouping the architecture’s design components into broad functional categories. The third part of the chapter enumerates the design components in each of the architecture’s functional categories, describes the functionality of each design component and lists existing specifications that could serve as candidate standards for each design component’s interfaces and protocols, identifies where negotiation facilities are required to deal with the probable existence of a multiplicity of security mechanisms, enumerates important public-key-related protocols, and discusses the need for environment-specific profiles. Finally, the chapter discusses the use of hardware security devices in the architecture.
Tip: To be considered a "candidate" for purposes of the public key infrastructure architecture, an interface or protocol must be described by a publicly available specification, and support a significant fraction of the functionality of the PKI design component for which it is proposed as a candidate.
With the preceding in mind, this section begins with Chapter 12, which concentrates on a small but interesting area of software security based on public key cryptographic technology. Next, Chapter 13 is not about PKI technology, rather, it is about time and money. Then, Chapter 14 discusses why a number of enterprises develop the many significant standards related to PKI. Finally, Chapter 15 discusses PKI architectural design considerations. The first part of the chapter describes the requirements of a public key infrastructure. Next, the chapter presents the high-level structure of the PKI architecture by grouping the architecture’s design components into broad functional categories. The third part of the chapter enumerates the design components in each of the architecture’s functional categories, describes the functionality of each design component and lists existing specifications that could serve as candidate standards for each design component’s interfaces and protocols, identifies where negotiation facilities are required to deal with the probable existence of a multiplicity of security mechanisms, enumerates important public-key-related protocols, and discusses the need for environment-specific profiles. Finally, the chapter discusses the use of hardware security devices in the architecture.
Tip: To be considered a "candidate" for purposes of the public key infrastructure architecture, an interface or protocol must be described by a publicly available specification, and support a significant fraction of the functionality of the PKI design component for which it is proposed as a candidate.
... weniger
Bibliographische Angaben
- Autor: John R. Vacca
- 2004, 448 Seiten, Englisch
- Verlag: Taylor & Francis
- ISBN-10: 0203498151
- ISBN-13: 9780203498156
- Erscheinungsdatum: 11.05.2004
Abhängig von Bildschirmgröße und eingestellter Schriftgröße kann die Seitenzahl auf Ihrem Lesegerät variieren.
eBook Informationen
- Dateiformat: PDF
- Größe: 6.32 MB
- Mit Kopierschutz
- Vorlesefunktion
Sprache:
Englisch
Kopierschutz
Dieses eBook können Sie uneingeschränkt auf allen Geräten der tolino Familie lesen. Zum Lesen auf sonstigen eReadern und am PC benötigen Sie eine Adobe ID.
Kommentar zu "Public Key Infrastructure"
0 Gebrauchte Artikel zu „Public Key Infrastructure“
Zustand | Preis | Porto | Zahlung | Verkäufer | Rating |
---|
Schreiben Sie einen Kommentar zu "Public Key Infrastructure".
Kommentar verfassen