Impact of Digital Certificate in
Network Security
Fahad Ibne Rahman
Rakibul Hassan
Mohammad Islam
MBA 513 OL2 15/SP MGMT INFORMATION SYSTEMS
Outline
Overview of Digital Certificate
Current Status of Digital Certificate
Impacts/Potential Benefits of Digital Certificate
Barriers to Implementing Digital Certificate
Future Trends for Digital Certificate
Overview of Digital Certificate
A digital certificate is an electronic permit that allows a person,
organization or computer to exchange information securely over the
Internet by using the public key infrastructure (PKI).
Digital certificates help establish the identity of people or electronic assets.
They protect online transactions by providing secure, encrypted, online
communication.
Types of Digital Certificates
There are four main types of digital certificates:
Server Certificates
Personal Certificates
Organization Certificates
Developer Certificates
What a Digital Certificate Contains
A digital certificate (DC) is a digital file that certifies the identity of an
individual or an institution.
The certificate contains the name of the certificate holder
A serial number
Expiration dates
A copy of the certificate holder's public key
Digital signature of the certificate-issuing authority
Certificate Authorities (CA)
A Certificate Authority or certification authority (CA) is an entity that
issues digital certificates. A digital certificate certifies the ownership of
a public key by the named subject of the certificate.
Process of obtaining a certificate
Step 1. Purchase the digital certificate
Step 2. Generate and submit a Certificate Signing Request (CSR)
Step 3. Validate the request
Step 4. Install the Certificate
SSL Certificates
SSL (Secure Sockets Layer) is a standard security technology for
establishing an encrypted link between a server and a client.
SSL allows sensitive information such as credit card numbers, social
security numbers, and login credentials to be transmitted securely.
More specifically, SSL is a security protocol.
How an SSL Certificate Creates a Secure Connection
Step 1. The browser connects to a web server (website) secured with SSL (https). The browser requests that the server identify itself.
Step 2. The server sends a copy of its SSL certificate, including the server’s public key.
Step 3. The browser checks the certificate root against a list of trusted CAs and checks that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
Step 4. The server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
Step 5. The server and browser now encrypt all transmitted data with the session key.
Why Security Is Needed on the Internet
The Internet is an open communications network that was not
originally designed with security in mind. Criminals have found they
can abuse its weaknesses for dishonest gain. If the Internet is to
succeed as a business and communications tool, users must be able to
communicate securely.
Security Provided
The number of people and businesses online is continuing to increase. As access
becomes faster and cheaper, such people will spend even more time connected to the
Internet for personal communication and business transactions. Digital certificates
provide the following security services:
Identification / Authentication
Confidentiality
Integrity
Non-Repudiation
Access Control
Current Status of Digital Certificate
A digital certificate is an electronic card, or the digital equivalent of an
identification card, that certifies online transactions, e-commerce and other
authentications on the Internet. Digital certificates are mostly used for:
Communication Security
Online Banking
Facilitating E-commerce
Prevent Online Threats
Impacts/Potential Benefits of Digital Certificate
Digital Certificates are one of the many solutions available for authentication.
Major benefits of Digital Certificates are as follows:
Minimal involvement needed from end users
No additional hardware needed
Easy to manage
Certificates are natively supported by many enterprise applications and
networks
Minimal involvement needed from end users
Minimal onboarding/training process
Decreased support calls
No additional hardware needed
No tokens to distribute and manage
No need for a back-up plan in the case of forgotten/lost tokens
Users can work across multiple devices without interruption
Easy to manage
Minimal internal resources needed to support the solution
Easy to issue and revoke credentials with employee turnover
Easily scaled to accommodate business growth
Certificates are natively supported
Minimal configuration needed to implement
Easily enable two-factor authentication across multiple applications
and networks
Support mobile/remote workforce
Barriers to Implementing Digital Certificate
Just like all other electronic products, digital signatures have some
disadvantages that go with them:
Financial Disadvantages
Technological Disadvantages
Financial Disadvantages
Businesses must purchase digital certificates from
certification authorities.
Certification authorities typically require a subscription to their service,
which requires monthly payments to continue the relationship.
Multiple certificates for different sites or purposes can become a costly
endeavor.
Technological Barriers/Disadvantages
Creating a platform that accepts all digital certificates is a difficult
undertaking.
Human carelessness may compromise the safety of login
identifications.
Future Trends for Digital Certificate
Digital certificates will overcome their current barriers.
In case of a server crash, a new request needs to be sent every time for the
reissue of the digital certificate, and the secure service is discontinued.
Will be more flexible to use for servers.
The use of legally obtained certificates
A few years ago, digital certificates were actively used by large
software manufacturers that were legally registered companies. Today,
certificates are used increasingly often by individual software
developers and small companies. As can be seen, the number of
certificates is steadily growing year on year.
Figure: The number of certificates verified by CAs and known to Kaspersky Lab
Summary
Protect main website/domains.
Use SSL certificate to add security/value to company’s online
presence.
Standardize domain WHOIS.
Consolidate and reduce costs.
Ensure company's certificates are up to date.