SlideShare una empresa de Scribd logo

Pki for dummies

Descargar como PPTX, PDF
A
Alex de Jong

PKI is a set of components needed to issue and manage digital certificates. It includes hardware, software, policies and people. Certificates contain a subject's public key and are digitally signed by a certificate authority. PKIs can be public, where any system can validate certificates, or private, where only an organization's systems participate. Building a private PKI requires designing certificate templates and revocation processes. Managing certificates involves enrollment methods and checking certificate status.

1 de 18
PKI for Dummies Alex de Jong Microsoft Freelance
Agenda • PKI Overview • Your own PKI
Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates
Subject Valid from/to Issuer Serial Number
Certificate Extensions • Subject, Serial Number, Issuer, Valid From, Valid To • Public Key • Subject Alternative Names (SANs) • Authority Information Access (AIA) • Certificate Revocation Lists (CRLs) • Enhanced Key Usage
Authentication Encryption Authenticity
3 Encryption “methods” • Symmetric – 1 encryption key for encryption and decryption • Asymmetric – 2 keys encryption keys: Public & Private • Hashing – Used for Authenticity checking, passwords – Irreversible
Authenticity • Digitally Signed Data – e-mail, documents, this PowerPoint
About the Issuer
DEMO Public CA’s
Building one of your 0wn3d • Stand alone vs. Enterprise • Design Considerations • Certificate Revocation Lists (CRL’s)
Building one of your 0wn3d • Certificate Templates • Web Services • …
DEMO Private CA’s
Enrolling certificates • Web Services • Auto Enrollment • MMC Snap-in
From the client side • Managing your own certificates • Checking the others
DEMO Managing Certificates
Pki for dummies

Recomendados

Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesBuddhika Karunanayaka
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Venkatesh Jambulingam
 
Public key infrastructure
Public key infrastructurePublic key infrastructure
Public key infrastructureAditya Nama
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Ali Raw
 

Recomendados

Digital signature
Digital signatureDigital signature
Digital signatureAJAL A J
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesBuddhika Karunanayaka
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Public key Infrastructure (PKI)
Public key Infrastructure (PKI)Venkatesh Jambulingam
 
Public key infrastructure
Public key infrastructurePublic key infrastructure
Public key infrastructureAditya Nama
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Ali Raw
 
Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication rajakhurram
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systemsAbdulaziz Mohd
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewRamesh Nagappan
 
Cryptography
CryptographyCryptography
Cryptographysubodh pawar
 
Blockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesBlockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesSébastien Tandel
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSMNarudom Roongsiriwong, CISSP
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
Cryptography
CryptographyCryptography
CryptographyJens Patel
 
Guide to MFA
Guide to MFAGuide to MFA
Guide to MFAJack Forbes
 
Digital Certificate
Digital CertificateDigital Certificate
Digital CertificateSumant Diwakar
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYJyothishmathi Institute of Technology and Science Karimnagar
 
Secure electronic transactions (SET)
Secure electronic transactions (SET)Secure electronic transactions (SET)
Secure electronic transactions (SET)Omar Ghazi
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityClare Nelson, CISSP, CIPP-E
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptographydrewz lin
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 
Apple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedApple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedMike Chapple
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng
 

Más contenido relacionado

La actualidad más candente

Digital certificates
Digital certificatesDigital certificates
Digital certificatesSimmi Kamra
 
Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication rajakhurram
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyAdam Reagan
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systemsAbdulaziz Mohd
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewRamesh Nagappan
 
Blockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesBlockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesSébastien Tandel
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing FunctionsYusuf Uzun
 
Secure electronic transactions (SET)
Secure electronic transactions (SET)Secure electronic transactions (SET)
Secure electronic transactions (SET)Omar Ghazi
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityClare Nelson, CISSP, CIPP-E
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptographydrewz lin
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)danb02
 

La actualidad más candente (20)

Digital certificates
Digital certificatesDigital certificates
Digital certificates
 
Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication Lecture 9 key distribution and user authentication
Lecture 9 key distribution and user authentication
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 
CRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITYCRYPTOGRAPHY AND NETWORK SECURITY
CRYPTOGRAPHY AND NETWORK SECURITY
 
Secure payment systems
Secure payment systemsSecure payment systems
Secure payment systems
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical Overview
 
Cryptography
CryptographyCryptography
Cryptography
 
Blockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challengesBlockchain overview, use cases, implementations and challenges
Blockchain overview, use cases, implementations and challenges
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSM
 
Digital certificates
Digital certificates Digital certificates
Digital certificates
 
Cryptographic Hashing Functions
Cryptographic Hashing FunctionsCryptographic Hashing Functions
Cryptographic Hashing Functions
 
Cryptography
CryptographyCryptography
Cryptography
 
Guide to MFA
Guide to MFAGuide to MFA
Guide to MFA
 
Digital Certificate
Digital CertificateDigital Certificate
Digital Certificate
 
CRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITYCRYPTOGRAPHY & NETWORK SECURITY
CRYPTOGRAPHY & NETWORK SECURITY
 
Secure electronic transactions (SET)
Secure electronic transactions (SET)Secure electronic transactions (SET)
Secure electronic transactions (SET)
 
Zero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital IdentityZero-Knowledge Proofs in Light of Digital Identity
Zero-Knowledge Proofs in Light of Digital Identity
 
13 asymmetric key cryptography
13 asymmetric key cryptography13 asymmetric key cryptography
13 asymmetric key cryptography
 
Hash Function
Hash FunctionHash Function
Hash Function
 
Privileged Access Management (PAM)
Privileged Access Management (PAM)Privileged Access Management (PAM)
Privileged Access Management (PAM)
 

Similar a Pki for dummies

Apple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedApple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedMike Chapple
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng
 
Public Key Infrastructures
Public Key InfrastructuresPublic Key Infrastructures
Public Key InfrastructuresZefren Edior
 
Certificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsCertificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsDavid Ochel
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkpromediakw
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena
 
SharePoint Access Control and Claims Based Authentication
SharePoint Access Control and Claims Based AuthenticationSharePoint Access Control and Claims Based Authentication
SharePoint Access Control and Claims Based AuthenticationJonathan Schultz
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019Kumton Suttiraksiri
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructuresFrancesco Chicchiriccò
 
Information Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgInformation Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgEric Vanderburg
 
Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBM
Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBMEnterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBM
Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBMData Driven Innovation
 
Preparing for Office 365
Preparing for Office 365Preparing for Office 365
Preparing for Office 365Jan Egil Ring
 
OISC2013_Presentation
OISC2013_PresentationOISC2013_Presentation
OISC2013_PresentationAustin Nagel
 

Similar a Pki for dummies (20)

Apple SSL Vulnerability Explained
Apple SSL Vulnerability ExplainedApple SSL Vulnerability Explained
Apple SSL Vulnerability Explained
 
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinFOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin
 
Public Key Infrastructures
Public Key InfrastructuresPublic Key Infrastructures
Public Key Infrastructures
 
Electronic security
Electronic securityElectronic security
Electronic security
 
Electronic Security
Electronic SecurityElectronic Security
Electronic Security
 
Certificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsCertificates, PKI, and SSL/TLS for infrastructure builders and operators
Certificates, PKI, and SSL/TLS for infrastructure builders and operators
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
 
SharePoint Access Control and Claims Based Authentication
SharePoint Access Control and Claims Based AuthenticationSharePoint Access Control and Claims Based Authentication
SharePoint Access Control and Claims Based Authentication
 
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB201904_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
PKI Industry growth in Bangladesh
PKI Industry growth in BangladeshPKI Industry growth in Bangladesh
PKI Industry growth in Bangladesh
 
Jcv course contents
Jcv course contentsJcv course contents
Jcv course contents
 
Building open source identity infrastructures
Building open source identity infrastructuresBuilding open source identity infrastructures
Building open source identity infrastructures
 
Information Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric VanderburgInformation Security Lesson 9 - Keys - Eric Vanderburg
Information Security Lesson 9 - Keys - Eric Vanderburg
 
Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBM
Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBMEnterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBM
Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBM
 
Preparing for Office 365
Preparing for Office 365Preparing for Office 365
Preparing for Office 365
 
OISC2013_Presentation
OISC2013_PresentationOISC2013_Presentation
OISC2013_Presentation
 

Más de Alex de Jong

Surviving public speaking
Surviving public speakingSurviving public speaking
Surviving public speakingAlex de Jong
 
Client management.ppt
Client management.pptClient management.ppt
Client management.pptAlex de Jong
 
Da for dummies techdays 2012
Da for dummies techdays 2012Da for dummies techdays 2012
Da for dummies techdays 2012Alex de Jong
 
Direct access for dummies
Direct access for dummiesDirect access for dummies
Direct access for dummiesAlex de Jong
 
What’s new in windows server 2012
What’s new in windows server 2012What’s new in windows server 2012
What’s new in windows server 2012Alex de Jong
 
Windows 7 deployment
Windows 7 deploymentWindows 7 deployment
Windows 7 deploymentAlex de Jong
 
Deploying windows 8
Deploying windows 8Deploying windows 8
Deploying windows 8Alex de Jong
 
Windows 7 Deployment
Windows 7 DeploymentWindows 7 Deployment
Windows 7 DeploymentAlex de Jong
 

Más de Alex de Jong (8)

Surviving public speaking
Surviving public speakingSurviving public speaking
Surviving public speaking
 
Client management.ppt
Client management.pptClient management.ppt
Client management.ppt
 
Da for dummies techdays 2012
Da for dummies techdays 2012Da for dummies techdays 2012
Da for dummies techdays 2012
 
Direct access for dummies
Direct access for dummiesDirect access for dummies
Direct access for dummies
 
What’s new in windows server 2012
What’s new in windows server 2012What’s new in windows server 2012
What’s new in windows server 2012
 
Windows 7 deployment
Windows 7 deploymentWindows 7 deployment
Windows 7 deployment
 
Deploying windows 8
Deploying windows 8Deploying windows 8
Deploying windows 8
 
Windows 7 Deployment
Windows 7 DeploymentWindows 7 Deployment
Windows 7 Deployment
 

Pki for dummies