Skip to main content

PUBLIC KEY INFRASTRUCTURE


PUBLIC KEY INFRASTRUCTURE

A public key infrastructure (PKI) supports the
·       Distribution and identification of public encryption keys
·       Enables users and computers to exchange data over networks  
·       Verify the identity of the other party
·       Enables people and businesses to utilize a number of secure Internet applications. For example, secure and legally binding emails and Internet based transactions, and services delivery can all be achieved through the use of PKI

Key Elements of PKI:-
  • A trusted party(certificate authority (CA))- act as a root of trust and provides services that authenticate the identity of individuals, computers and other entities
  • A registration authority(subordinate CA)- certified by a root CA to issue certificates for specific uses permitted by the root
  • A certificate database- stores certificate requests and issues certificates
  • A certificate store- resides on a local computer to store issued certificates and private keys

Security Features of PKI:-

Authentication
Authentication becomes crucial when an organization opens its door to the internet to verify the identity of users and machines. PKI provides strong authentication mechanisms to ensure that persons and machines are the entities they claim to be.
Encryption
PKI uses encryption algorithms to secure communications and ensure the privacy of data sent from one computer to another.
Non-repudiation
PKI can be used to provide non-repudiation through digital signatures. This proves that a specific user performed certain operations at a given time.

Advantages of the PKI Approach:-

  • PKI is a standards-based technology.
  • It allows the choice of trust provider.
  • It is highly scalable. User can maintain their own certificate and certificate authentication involves exchange of data between client and server only.
  • PKI allows delegated trust. Users having certificate from a recognized and trusted certificate authority can authenticate themselves to a server the very first time they connect to that server without having previously been registered with the system

Disadvantages of the PKI Approach:-

  • We need a thorough understanding of PKI and asymmetric encryption principles to set this up.
  • Asymmetric encryption is slow so PKI is only used on short messages.

Comments

Popular posts from this blog

Advantages and Disadvantages of EIS Advantages of EIS Easy for upper-level executives to use, extensive computer experience is not required in operations Provides timely delivery of company summary information Information that is provided is better understood Filters data for management Improves to tracking information Offers efficiency to decision makers Disadvantages of EIS System dependent Limited functionality, by design Information overload for some managers Benefits hard to quantify High implementation costs System may become slow, large, and hard to manage Need good internal processes for data management May lead to less reliable and less secure data

Inter-Organizational Value Chain

The value chain of   a company is part of over all value chain. The over all competitive advantage of an organization is not just dependent on the quality and efficiency of the company and quality of products but also upon the that of its suppliers and wholesalers and retailers it may use. The analysis of overall supply chain is called the value system. Different parts of the value chain 1.  Supplier     2.  Firm       3.   Channel 4 .   Buyer

Big-M Method and Two-Phase Method

Big-M Method The Big-M method of handling instances with artificial  variables is the “commonsense approach”. Essentially, the notion is to make the artificial variables, through their coefficients in the objective function, so costly or unprofitable that any feasible solution to the real problem would be preferred, unless the original instance possessed no feasible solutions at all. But this means that we need to assign, in the objective function, coefficients to the artificial variables that are either very small (maximization problem) or very large (minimization problem); whatever this value,let us call it Big M . In fact, this notion is an old trick in optimization in general; we  simply associate a penalty value with variables that we do not want to be part of an ultimate solution(unless such an outcome is unavoidable). Indeed, the penalty is so costly that unless any of the  respective variables' inclusion is warranted algorithmically, such variables will ...