Saturday, October 26, 2019

Information Security: Public Key Infrastructure Essay -- Information

With the increase of digital communications and transactions, a stronger level of security is required to protect the user and their data transactions. Systems, servers, personal computers, mobile devices, tokens and smart cards are all being used ubiquitously to view protected communications. With the influx of data management, there is an ever-apparent contest between the two adversaries in the game of Information Security: the developers and the hackers. PKI was designed to leverage the Internet infrastructure for communications (CITE Samuelle 2009). While minimizing hostile exploitation of data, decreasing data theft, and providing an additional layer of trust through keys pairs and digital certificates, PKI is used to verify the identity of the user and the authenticity of the data. A Public Key Infrastructure is not a single device or entity; it is a compilation of technology, infrastructure, and practices that enables large scale use of public key cryptography to provide authenticity, confidentiality, integrity, and non-repudiation services (CITE). The word cryptography is derived from the Greek word â€Å"kryptos†(CITE), which means hidden. It is the technique in which a cryptographic algorithm is used to take the original plaintext information and then make it unreadable to everyone except for those it was initially intended for by scrambling it into ciphertext. This is known as encryption, and the process that unscrambles the message to make it readable again is called decryption. The National Security Agency (NSA) even defines cryptography as the science and art of making codes and ciphers(CITE NSA 2009). In cryptography, a key or code is used to scramble the message which results in a cipher. Cryptography has not alw... ...rce. (2007, Sept 18). Public Key Infrastructures - Federal PKI. Retrieved Sept 15, 2009, from NIST-Computer Security Division: http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/index.html NIST. (2009). Federal Information Processing Standard (FIPS) Publication 186-3, Digital Signature Standard (DSS). Washington, D.C.: Department of Commerce. NSA. (2009, 01 12). Frequently Asked Questions Terms and Acronyms - NSA/CSS:. Retrieved 10 11, 2009, from National Security Agency: http://www.nsa.gov/about/faqs/terms_acronyms.shtml US-CERT. (2008, 12 31). Vulnerability Note VU#836068. Retrieved 10 12, 2009, from US-CERT: http://www.kb.cert.org/vuls/id/836068 VeriSign, Inc. (2009). National PKI: The foundation of trust in government programs (A White Paper). Retrieved Sept 15, 2009, from VeriSign White Paper: http://www.verisign.com/static/national-pki-government-trust.pdf

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.