Posts Tagged ‘pki’
Part 1/2: Public key infrastrcture for the CISSP and CISA novice under Cyber Security Act of 2009
http://en.wikipedia.org/wiki/Public_key_infrastructure
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.[1]
In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique for each CA. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The PKI role that assures this binding is called the Registration Authority (RA) . For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgeable in public key certificates issued by the CA.
The term trusted third party (TTP) may also be used for certificate authority (CA). The term PKI is sometimes erroneously used to denote public key algorithms, which do not require the use of a CA.
Duration : 0:2:2
Public-private cryptography key pairs for the CISSP and CISA novice under Cyber Security Act of 2009
Public-private cryptography key pairs for the CISSP and CISA novice under Cyber Security Act of 2009
http://www.coresecuritypatterns.com/blogs/?p=1523
Public Key Cryptography (PKC) uses two keys, a “public key” and a “private key”, to implement an encryption algorithm that doesn’t require two parties to first exchange a secret key in order to conduct secure communications. In a nice mathematical twist, this conceptual breakthrough also enables an elegant implementation of digital signatures.
For thousands of years, it was unanimously agreed in the cryptography community that the only way for two parties to establish secure communications was to first exchange a secret key of some kind. This seemed to be simple common sense: if the recipient didn’t have a secret to give them some leverage, how could they be in a better position to decrypt the message than an eavesdropper? Practically speaking, this meant that one of the parties first had to send a trusted person to the second party with a secret key (which typically took a fair amount of time), or send the key through an existing encryption channel that couldn’t be completely trusted (if it was broken, all of the keys transmitted over that channel were also broken).
Tages: pki public key ietf diffie-hellman algorithm ssh encrypt rfc reading room parties cryptography computer, pki, security, ttp, act, verisign, cissp, 2009, cisa, tcp, udp, ccna, digital, signature, nsa, nist, niap, cryptography, federal, information, processing, gao,
Duration : 0:2:37
Part 2/2: CISSP, CISA licensing under the NIST Cyber Security Act of 2009
Tutorial white papers on cryptography
Part one:
http://www.securityhorizon.com/journa…
Part two:
http://www.securityhorizon.com/journa…
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique for each CA. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The PKI role that assures this binding is called the Registration Authority (RA) . For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgeable in public key certificates issued by the CA.
The term trusted third party (TTP) may also be used for certificate authority (CA). The term PKI is sometimes erroneously used to denote public key algorithms, which do not require the use of a CA.
Category: Science & Technology
Tags: computer pki security ttp act verisign of cissp 2009 cisa tcp udp ccna digital signature nsa nist niap cryptography federal information processing gao government accountability office cybersecurity cyberwar cyber forensics csi
Duration : 0:5:1
Understanding CISSP & CISA licensing under the Cyber Security Act of 2009 (FIPS, NIST, PKI)
Tutorial white papers on cryptography
Part one:
http://www.securityhorizon.com/journal/spring2006.pdf
Part two:
http://www.securityhorizon.com/journal/summer2006.pdf
The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
In cryptography, a PKI is an arrangement that binds public keys with respective user identities by means of a certificate authority (CA). The user identity must be unique for each CA. The binding is established through the registration and issuance process, which, depending on the level of assurance the binding has, may be carried out by software at a CA, or under human supervision. The PKI role that assures this binding is called the Registration Authority (RA) . For each user, the user identity, the public key, their binding, validity conditions and other attributes are made unforgeable in public key certificates issued by the CA.
The term trusted third party (TTP) may also be used for certificate authority (CA). The term PKI is sometimes erroneously used to denote public key algorithms, which do not require the use of a CA.
Duration : 0:4:22