PKI for Dummies
Alex de Jong
Microsoft Freelance
Agenda
• PKI Overview
• Your own PKI
Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
[Diagram labels: Subject, Valid from/to, Issuer, Serial Number]
Certificate Extensions
• Subject, Serial Number, Issuer, Valid From, Valid To
• Public Key
• Subject Alternative Names (SANs)
• Authority Information Access (AIA)
• Certificate Revocation Lists (CRLs)
• Enhanced Key Usage
[Diagram labels: Authentication, Encryption, Authenticity]
3 Encryption “methods”
• Symmetric
  – 1 encryption key for encryption and decryption
• Asymmetric
  – 2 encryption keys: Public & Private
• Hashing
  – Used for Authenticity checking, passwords
  – Irreversible
Authenticity
• Digitally Signed Data
  – e-mail, documents, this PowerPoint
About the Issuer
DEMO
Public CAs
Building one of your 0wn3d
• Standalone vs. Enterprise
• Design Considerations
• Certificate Revocation Lists (CRLs)
Building one of your 0wn3d
• Certificate Templates
• Web Services
• …
DEMO
Private CAs
Enrolling certificates
• Web Services
• Auto Enrollment
• MMC Snap-in
From the client side
• Managing your own certificates
• Checking the others
DEMO
Managing Certificates
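
The fields listed on the Certificate Extensions slide can be read from the client side with PowerShell, which is one way of checking your own certificates and those of others. This is an added example, not part of the original deck; the function name Get-CertificateSummary and the 30-day warning window are assumptions made for illustration.

```powershell
# Added example, not from the original deck. Assumes Windows and the built-in
# Cert: drive; the function name and the 30-day window are illustrative choices.
$warnDays = 30

# OIDs of the extensions named on the "Certificate Extensions" slide.
$extensionOids = [ordered]@{
    'Subject Alternative Names'    = '2.5.29.17'
    'Authority Information Access' = '1.3.6.1.5.5.7.1.1'
    'CRL Distribution Points'      = '2.5.29.31'
    'Enhanced Key Usage'           = '2.5.29.37'
}

function Get-CertificateSummary {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate
    )
    process {
        # Classify the validity window (Valid From / Valid To).
        $now = Get-Date
        if ($now -lt $Certificate.NotBefore) { $status = 'NotYetValid' }
        elseif ($now -gt $Certificate.NotAfter) { $status = 'Expired' }
        elseif ($Certificate.NotAfter -lt $now.AddDays($warnDays)) { $status = 'ExpiringSoon' }
        else { $status = 'Valid' }

        $summary = [ordered]@{
            Subject      = $Certificate.Subject
            SerialNumber = $Certificate.SerialNumber
            Issuer       = $Certificate.Issuer
            ValidFrom    = $Certificate.NotBefore
            ValidTo      = $Certificate.NotAfter
            Status       = $status
            PublicKey    = $Certificate.PublicKey.Oid.FriendlyName
            # Verify() builds the chain to a trusted root with the default policy.
            ChainTrusted = $Certificate.Verify()
        }
        # Decode each extension if present; Format() renders it as readable text.
        foreach ($name in $extensionOids.Keys) {
            $ext = $Certificate.Extensions |
                Where-Object { $_.Oid.Value -eq $extensionOids[$name] }
            $summary[$name] = if ($ext) { $ext.Format($false) } else { '(absent)' }
        }
        [pscustomobject]$summary
    }
}

# List every certificate in the current user's Personal store.
Get-ChildItem Cert:\CurrentUser\My | Get-CertificateSummary | Format-List
```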