Public Key InfrastructureAmmar Hasayen2013

Going back in time

….

How things worked before

Face to Face

Corporate walls Badges Paper

work

TrustConfidentiality

Authenticity Delivery

How things working Now

Virtual Team

World is the limit Digital ID

Digital Collaboratio

n

WirelessAnywhere BYOD E-transactions

Defining Challenges

Within Corporate

Active Directory

Weak Identity

Can be shared

C.I.AInternet is like a big city

You can be anyone

How to identify people

digitally?

Introducing PKI

….

Public Key Infrastructure

Framework

PeoplePolicies

SoftwareHardwareProcesses

Public Key Technology

AuthenticityNon-Repudiation Confidentiality Integrity

Public Key Infrastructure is a framework consist of hardware, software, people, processes, and policies, that together helps identify and solve these problems for you by establishing safe and reliable environment for electronic transactions in the internet

Digital Certificate

Certificate Authority

Digital Certificate

A certificate authority maintains a revocation list that contains all digital certificates cancelled or suspended before their expiry dates.

Digital Certificate

Public Key

Private KeyDigital

Certificate

Secure Email

Encrypt with Public

Key

Decrypt with

Private Key

Why PKI

….

Starts at 1024 bit key length

Asymmetric cryptography

Users, Computers, Devices, Portals

Authenticity, Integrity, Confidentiality

Non Repudiation (Proof)

Can be hosted in Smart Cards

Extend trust beyond Corp boundaries

Secure Technology Enabler

Compliance

Technology Neutral

PKI Technologies

….

Public Key Infrastructure

SSL Certificates

Wireless Security

PEAP –EAP-TLS

Secure VPNAccess

Secure Email S/MIME

Encrypt FilesEFS

Smart CardsTwo-factor

Authentication

Public Key Infrastructure is Enabler For Every Security Solution

PKI Deployment

….

Implement CA Servers

Design PKI InfrastructureConfiguration (CRLS,AIA)

Policies (CPS, CS) Secure PKI and defining roles

Defining EnrolleesUsers Computers Services Devices

Introducing PKI TechnologiesSSL TLS S/MIME EFS

Smart Cards Secure VPN NAP 802.1X

PHASE1

PHASE2

PHASE3

It is either your infrastructure that determines your service

levelOR

your service level determines your infrastructure

Thank You