StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Public Key Infrastructure - Case Study Example

Cite this document
Summary
Public Key Infrastructure (PKI) is a type of security architecture that offers a higher level of confidence when it comes to the exchange of information over the internet. The PKI allows for the integration of the various services connected to the concept of cryptography. The…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER98.5% of users find it useful
Public Key Infrastructure
Read Text Preview

Extract of sample "Public Key Infrastructure"

Public Key Infrastructure Assignment Public Key Infrastructure (PKI) is a type of security architecture that offers a higher level of confidence when it comes to the exchange of information over the internet. The PKI allows for the integration of the various services connected to the concept of cryptography. The main aim behind PKI is to provide access control, integrity, confidentiality, authentication and non-repudiation (El-Ashqar, 2012). PKI is anchored on three main concepts. The first is authentication where strong authentication mechanisms help to verify the users of machines.

Secondly, there is the idea of encryption where encryption algorithms ensure that the communications are secure and that data remain private as it is sent from one computer to another. Finally, through digital signatures, PKI helps to provide non-repudiation. The concept of non-repudiation helps prove that a particular individual performed a certain operation at a certain time (El-Ashqar, 2012). Therefore PKI can be of great benefit to the organization by guaranteeing the quality, source & destination, the timing and privacy of information.

The PKI could help in signing the company’s software by providing code signing certificates. This certification is done by the Certification Authority (CA) unit under the PKI which uses its private key to assign a certificate and signs it with the private key for that certificate authority (Zissis & Lekkas, 2013). The CA in this case refers to the company itself which will be involved in issuing and revoking of the digital signatures. In addition to the private key, the CA has its public key which is published.

Therefore, the company may take advantage of this process and assign its software products digital certificates. The public key that is used in the authentication of the code signature can be traced back to the root Certification Authority (Zissis & Lekkas, 2013). Clients make use of the root certificate generated by the CA to verify that the signatures have originated from that certificate authority. This will help the user know that a given software product is from the stated source or company.

This will help show the user that the software is authentic and is from the trusted company. Companies have to choose whether to use an external certification authority (CA) or an in-house CA that is controlled by the organization. Each of these approaches has its own merits and drawbacks. First, when it comes to internal CAs, it is easy for the organization to manage since there is no need to consult another party. Internal CAs has no cost per certificate fees and it’s generally cheaper to configure (Spencer, 2013).

However, the limitations of the internal CA are that its implementation can be complex, organizations are accountable for the PKI failures and the certificate management overhead cost is high in internal CAs (Spencer, 2013). Secondly, when external CA is considered, they are advantageous because the external CA is accountable in case of PKI failures. In addition, other organizations are likely to trust digital certificates from external CAs (Spencer, 2013). The certificate management overhead cost is lower compared to that of internal CAs.

However, external CAs reduces the level of integration to the infrastructure of the organization. The fees associated with the cost per certificate can be very high, especially in large organizations. In addition, the level of flexibility in expanding and managing the certificates is reduced. Based on the analysis above, I would recommend that the organization adopts the external CA instead of the internal CA. This is because external organizations and clients will trust the CAs generated by external CA.

this will help the organization grow and ensure that customers trust their products. In addition, since this is a relatively small organization, the cost per certificate fees will be small, and this will make the approach relatively cheap. ReferencesEl-Ashqar, A., Mageed, T & Fahmy, A (2012). Taxonomy of Public Key Infrastructure. Journal of Applied Sciences Research, 8(7), pp. 3656-3663. Spencer, W (2013). Understanding Certificate Authorities. Retrieved from http://www.tech- faq.com/understanding-certificate-authorities.

htmlZissis, D. & Lekkas, D (2013). Trust coercion in the name of usable Public Key Infrastructure. Security And Communication Networks, John Wiley & Sons

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Public Key Infrastructure Case Study Example | Topics and Well Written Essays - 500 words”, n.d.)
Public Key Infrastructure Case Study Example | Topics and Well Written Essays - 500 words. Retrieved from https://studentshare.org/information-technology/1646355-public-key-infrastructure
(Public Key Infrastructure Case Study Example | Topics and Well Written Essays - 500 Words)
Public Key Infrastructure Case Study Example | Topics and Well Written Essays - 500 Words. https://studentshare.org/information-technology/1646355-public-key-infrastructure.
“Public Key Infrastructure Case Study Example | Topics and Well Written Essays - 500 Words”, n.d. https://studentshare.org/information-technology/1646355-public-key-infrastructure.
  • Cited: 0 times

CHECK THESE SAMPLES OF Public Key Infrastructure

Solving Problems of Multiple Identities

This paper ''Computer Security'' tells that Solving problems of multiple identities is done under effective identity management.... Problems of multiple identities within the Metropolitan Police Service can only be solved through an effective identity management system that utilizes various technologies....
8 Pages (2000 words) Essay

Rationale behind Increasing Computer Crime

Public Key Infrastructure (PKI) and digital certificates supplements the encrypted algorithm to encounter the challenges of illegal activity and augment the business operations to target potential customer.... The extreme dependency on electronic system, increasing complexity of IT system to support the business operations of e-commerce and the cost of digital signature and assets has make the internet system complex as medium of online shopping....
1 Pages (250 words) Essay

Computing security exam question

Public Key Infrastructure (PKI) refers to an array of electronic devices, applications, guidelines, and methods that play a crucial role in the organization and management of digital certificates.... This paper will seek to assess and analyze the effectiveness of Public Key Infrastructure (PKI).... Public Key Infrastructure (PKI) is a schema that provides high level of security and confidentiality for Internet users that seek to engage in online transactions and e-commerce....
4 Pages (1000 words) Essay

Business - building trust in the e-business

Public Key Infrastructure (PKI): with PKI security architecture which will provide secures exchange of information on internet.... Network security, Electronic commerce, Public Key Infrastructure, p.... Address and information about office: the customer gains a trust when he comes to know that a company has an infrastructure.... Address and information about office: the customer gains a trust when he comes to know that a company has an infrastructure....
2 Pages (500 words) Essay

Vulnerabilities

Accordingly, during… Similarly, non-repudiation issues will also occur, if there is no Public Key Infrastructure (PKI) that is operated by separate third parties.... Similarly, non-repudiation issues will also occur, if there is no Public Key Infrastructure (PKI) that is operated by separate third parties.... However, if encryption is applied to the Public Key Infrastructure, there is a requirement of identifying people possessing the relevant key to decrypt the message (Ellison & Schneier, 2000)....
2 Pages (500 words) Research Paper

Wireless Home Networking Simplified

SSH, an abbreviation of Secure Shell is a cryptographic network protocol that allows users between two different computers a number of secure advantages among them secure data communication, remote command-line login, remote command execution, as well as other secure network… SSH uses a secure channel to connect through an insecure network (Peterson and Bruce 880). Public Key Infrastructure allows users of an unsecure public network, particularly the internet to have more secure communication and privately exchange data, as well as money SSH SSH, an abbreviation of Secure Shell is a cryptographic network protocol that allows users between two different computers a number of secure advantages among them secure data communication, remote command-line login, remote command execution, as well as other secure network services....
1 Pages (250 words) Assignment

Build Your Own Botnet

Prevention from MITM attacks includes using PKI or Public Key Infrastructure, reinforced mutual authentication like secret keys, second channel authentication, and reinforced encryption.... Secure infrastructure using access controlSAC guarantees that only authorized users get into the system and motivates the authorized users to remain security conscious through regular password changing....
2 Pages (500 words) Essay

Types of E-Commerce

This business model is associated with consultancy, manufacturing, distribution and wholesaling business models.... An example is General Electric in Saudi Arabia… B2B Online direct marketing that offers services and which derives revenue from Transaction fees http://extrastores.... om/en-sa/....
7 Pages (1750 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us