You are in the: Small Business Computing Channel

» ECommerce-Guide | Small Business Computing | Webopedia | WinPlanet

www.ecommerce-guide.com/news/trends/article.php/126041

Back to Article

Electronic Keys For A Digital Tomorrow By Mark Merkow, CCP, CISSP May 21, 1998 X.509 Certificates are issued by a trusted party, called a Certificate Authority, or CA. These CAs operate on behalf of those who wish to operate a Public Key Infrastructure (PKI) using X.509 recommended standards. X.509 Certificates typically contain: User Name User Organization Certificate Effective Date Certificate Expiration Date User Public Key (from the key-pair) Issuer CA Name Issuer CA Signature Along with this information, certificates sometimes contain extensions that describe how the certificate may be used, and under which conditions. In other words, a certificate used to access network resources cannot be used to access bank accounts. Each certificate is issued under specific uses and guidelines, as described in the certificate''s extensions. CAs maintain a "Tree of Trust" that''s checked each time a certificate is presented as proof of one''s identity. Once the tree of trust is successfully traversed, proof of identity and proof of a person''s right to use the key can be ascertained by the recipient. Electronic commerce protocols, such as Secure Electronic Transactions (SET), uses a robust set of digital certificates to authenticate Cardholders, Merchants, and operators of Payment Processors (Gateways) to assure that all parties possess the rights needed to transact using payment cards over the Internet. A corporation may issue digital certificates to its employees as an alternative to IDs and passwords for access to network services, mainframe applications, etc. These certificates will normally be stored in software that resides on the user''s PC within a Web Browser. Certificates may also be stored on SmartCards (discussed later) to permit access to secured areas of the building, log-ins to Network Computers (NCs), and other specialized applications. Today''s X.509 Version 3.0 certificates are making a significant impact on technology. Revenues from digital certificates and services are expected to double in 1998 to $56 million. By the Year 2000, revenues will grow to $92 million, according to a report by Dataquest Inc. Using digital certificates, Internet users are offered high degrees of certainty along several dimensions of communications. Though their cryptography, anyone receiving a signed message, along with the public key in the sender''s digital certificate, can be confident that the message came from the a specific person (user authentication) and that the message itself arrived intact (integrity). By adding one more step to the message sending process, the sender and receiver can also be sure that no one other than the receiver can read the message, adding the dimension of privacy too.

Go to page: Prev  1  2  3  4  Next