Digital Certificate Technology - Doc
Added on - 15 Jan 2020
Surname1Name:Instructor:Course:Date:Digital Certificate TechnologyIntroductionDigital certificates authenticate the web credentials of the person sending a message andlet the recipient of the message to be in a position to know that the message has come from atrusted source. Thus, digital certificate allows computers, organization as well as people toexchange information securely using the Public Key Infrastructure (PKI). Digital certificatestechnology thus plays a significant role in security to the Internet. Security on the internet is veryimportant since it provides confidentiality of information, authentication, non-repudiation,integrity and access control of the information already sent (Henderson et al., 6).However,digital certificate technology has been faced with several drawbacks. With the development ofnetworks, antivirus software and firewalls have been standard measures for security. However,using these measures of security, sometimes it cannot prevent attacks from unauthorized peopleusing the internet.
Surname2Digital Certificate TechnologyDigital certificate and digital signatures are made to be effective using the Public KeyInfrastructure scheme (PKI) so as to eliminate the risks such as forging of document or sendingirrelevant message to an individual. They provide identification information that prevents anyfalsification whereby they provide authentication of the information and in case of anyverification it can be verified easily since the certificate is issued by a trusted agency thecertification authority (CA) .The PKI ensures a safe and secure transaction between twocounterparts in internet network(Le & Eric , 19).This security is ensured by the PKI even whenthere are many users in the internet who are transacting a variety of information and data tovarious people and organizations.The browsers and the operating systems can send the already sent public keys and theencrypted messages back to the sender since it contains symmetric key that is used to encrypt theattachment that has the identifying data to various recipients simultaneously. A root certificateauthority signs the documents using the public and private keys to provide the evidence that thecertificate is genuine and valid. Public keys are embedded in browsers and client internetsoftware, and they are currently found on any modern computer. The public key and private keycan be used to sign into any program that is used in an organization to ensure that anyone using itsuch as downloading software can be verified.In digital certificates technology, if security is not properly maintained its consequencescan be disastrous to the individual or the organization using the internet since its information canbe accessed by an unauthorized person. Criminals can create websites that are fraudulent andappear to originate from the original user and use it to fraud money to people connected to the
Surname3organization. They can create malware that is addressed to a wrong address, and they can stealdetails of credit cards or other information that is vulnerable and crucial whereby the can use it tosteal money.Ways Digital Certificates hasCompromised SecurityThe risks associated with using digital certificates that are weak have been widely amatter of discussion. Numerous tools have been released in the digital market to exploit and dealwith these vulnerabilities. There has been malware that has been developed to support the effortsof ensuring that software developed is genuine and of the right standard. Through the softwarevulnerability, there have been many malware authors and advanced hackers who create fakecertificates and encourage the users to communicate and they steal their personal data.Enterprises and organizations should learn about the dangers that are associated with the use ofinsecure digital certificates and ways in which they can use to deal with them.Digital certificates do not necessarily mean that the identity of the party has beenverified, some documents such as banknotes that have signatures can easily be duplicatedthrough digital data (Akehurst-ryanet al., 8). Therefore, identifying the data from the possessionof it does not guarantee that it comes from a trusted source. To determine whether it comes froma trusted source, one must use the digital certificate and signature that is created using privatekeys. The certificate is equivalent to a document that relates an owner to a public key. Thesecertificates are issued by a Certificate Authority (CA) that is a trusted third party. It is trustedsince it is recognized by both the parties communicating.