Abstract:
The internet communications are particularly vulnerable to security threats due to their open and distributed nature. With online businesses that have no boundaries, threats to authentication of users, data integrity and data confidentiality have become highly common. Digital certificates provide a basis for countering the aspects of these threats. The project is to establish a Certificate Authority (CA) for SEECS. A CA is a trusted third party that issues Personal Digital Certificates to users. Digital Certificate is an electronic document that is meant for users to identify themselves in electronic transactions. With a Digital Certificate, users can digitally sign documents and encrypt messages, thus ensuring data integrity and confidentiality in exchanging electronic information. Personal Digital Certificates enable users to digitally sign their e-mails to verify that sender of an email message, is indeed the owner of the email address that the message is sent from.
The role of the CA in this process is to guarantee that the individual granted the certificate is, in fact, who he or she claims to be so as to eliminate the chances of repudiation. The CA confirms that the public key contained in the certificate belongs to the person mentioned in the certificate by binding the user credentials and public key. The CA not only issues the certificates but also manages the revocation process if different conditions may cause them to become invalid. The CA also publishes the certificate Information in a secured manner to be viewed by the relying parties and also allows the user to download a person’s certificate.
These three processes of Certificate Generation, Certificate Revocation and Certificate Information Publication have been implemented in the project. The system has been designed with care, taking into consideration the requirements of secure communication and overcomes the threats to authentication and confidentiality.
