Prepare for the ISACA Certified Information Security Manager Exam: CISM Review Manual by Gwen Bettwy & Mark Williams & Mike Beevers

Author:Gwen Bettwy & Mark Williams & Mike Beevers [Bettwy, Gwen & Williams, Mark & Beevers, Mike]
Language: eng
Format: epub
Published: 2021-02-15T00:00:00+00:00

One issue with public keys is how to establish trust in the public key. In other words, how do I know that the public key I have in my hand that has Bob’s name on it really belongs to Bob and not some imposter? The answer is certification, which could drive us down the path to Public Key Infrastructure (PKI).

Cryptography: Digital Certificates

A trusted third-party issues digital Certificates. The third party is certifying or attesting to the fact that they have verified the identity of the individual (or organization) and that the public key that is contained within the certificate really does belong to that individual. The key word in the previous statement is “trusted.” If I do not trust the third party, then how can I trust the digital certificate issued by them? Following that thought to its logical end, how do I trust the ownership of the public key? I cannot. Therefore, the Public Key Infrastructure (PKI) was created. PKI is the framework of processes and procedures dealing with public key management. PKI provides guidance for third parties pertaining to verifying identities and issuing digital certificates. If the third party is following the guidelines, then you and I can have a high degree of confidence in the public key we possess.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.