Digital certificates tighten Web and e-commerce security

As the world starts to operate the e-business way, corporate security is being re-examined and digital certificates are emerging as core security building blocks.

"E-mail now carries not only memos and notes, but also contracts and sensitive financial information," says Gary Middleton, national sales manager of Dimension Data Security. "The Web is increasingly being used for software distribution and e-commerce while virtual private networks (VPNs) are extending corporate networks onto the Internet.

"Secure e-mail, Web access, e-commerce, VPNs and extranets require security, which provides confidentiality, authentication, access control, data integrity, and accountability," says Middleton.

"Certificates and public key cryptography are emerging as the preferred enablers of strong security. Many large organisations will deploy public key cryptography and certificates throughout the company in the next few years."

According to a Forrester Report entitled 'A Digital Certificate Road Map' (June 1999), more than half (56%) of the Global 2 500 firms interviewed planned to migrate to digital certificates as their primary means to authenticate users within the next two years.

Public key cryptography requires a public key infrastructure (PKI): the essential services for managing digital certificates and encryption keys for people, programmes and systems.

"Cryptography uses mathematical algorithms and processes to convert intelligible plain text into unintelligible ciphertext, and vice versa," explains Middleton. "Public key cryptography uses pairs of keys: a public key that is widely available, and a different private key known only to the person, application or service that owns the keys.

"Digital certificates provide the means of validating public keys," he says. "They are digital documents that bind a public key to a person, application or service."

Middleton says that to successfully deploy a PKI, organisations must:

  • develop a sound strategy,
  • plan for interoperability,
  • determine how applications will interface with the PKI,
  • size the initial project correctly, and
  • plan for technical staff requirements.

Dimension Data Security is a Southern African partner for RSA Security, the world leader in e-Security. RSA developed BSAFE, the encryption software that secures nearly half a billion applications worldwide, and has almost 20 years of industry experience.

RSA Keon is a family of interoperable, standards-based PKI products for managing digital certificates and providing an environment for authenticated, private and legally binding electronic communications and transactions.

"The RSA Keon family - from a robust certificate authority to developer components and turn-key enterprise solutions - provides a common foundation for securing Internet and e-business applications," says Middleton.

