Certification Authority - PowerPoint PPT Presentation

Slides: 29
Provided by: downloadM

Transcript and Presenter's Notes

Title: Certification Authority


1
Certification Authority
2
Overview
  • Identifying CA Hierarchy Design Requirements
  • Common CA Hierarchy Designs
  • Documenting Legal Requirements
  • Analyzing Design Requirements
  • Designing a Hierarchy Structure

3
Identifying CA Hierarchy Design Requirements
  • Project Scope
  • Applications that Use a PKI
  • Which Accounts Use PKI-Enabled Applications?
  • How to Identify Technical Requirements
  • How to Identify Business Requirements

4
Roles in a Certification Authority Hierarchy
5
Applications That Use a PKI
Digital Signatures
Smart Card Logon
Encrypting File System
Secure E-mail
Internet Authentication
Software Code Signing
Software Restriction Policy
IP Security
802.1x
6
Which Accounts Use PKI-Enabled Applications?
Users
Computers
Services
7
How to Identify Technical Requirements
8
How to Identify Business Requirements
9
Common CA Hierarchy Designs
  • CA Hierarchy Based on Certificate Usage
  • CA Hierarchy Based on Location
  • CA Hierarchy Based on Departments
  • CA Hierarchy Based on Organizational Structure

10
CA Hierarchy Based on Certificate Use
Certificate Use
S/MIME
EFS
RAS
Use a CA hierarchy based on certificate use to
  • Implement different issuance requirements
  • Meet local legal requirements for a specific
    certificate type

11
CA Hierarchy Based on Location
Location
India
Canada
United States
Use a CA hierarchy based on location to
  • Meet legal requirements for local management
  • Meet business requirements for CA availability

12
CA Hierarchy Based on Organizational Structure
13
Documenting Legal Requirements
  • Steps for Designing Legal Requirements
  • Security Policy
  • Certificate Policy
  • Certification Practice Statement

14
Steps for Designing Legal Requirements
15
Security Policy
A security policy
  • Defines for using security services
  • Reflects an organization's business and IT
    strategy
  • Identifies applications to secure by using
    certificates
  • Defines security services to offer by using
    certificates

16
Certificate Policy
A certificate policy describes
  • The user identification process
  • Private key management requirements
  • The process for responding to lost or compromised
    private keys
  • Certificate enrollment and renewal requirements
  • The maximum dollar value for transactions

17
Certification Practice Statement
A CPS can include these sections
  • Introduction
  • General Provisions
  • Identification and Authentication
  • Operational Requirements
  • Physical, Procedural, and Personnel Security
    Controls
  • Technical Security Controls
  • Certificate and CRL Profile
  • Specification Administration

18
Analyzing Design Requirements
  • Recommendations for Meeting Security Requirements
  • Recommendations for Meeting External Access
    Requirements
  • Recommendations for Meeting Application
    Requirements
  • Recommendations for Meeting Administration
    Requirements
  • Recommendations for Meeting Availability
    Requirements

19
Recommendations for Meeting Security Requirements
20
Recommendations for Meeting External Access
Requirements
21
Recommendations for Meeting Application
Requirements
22
Recommendations for Meeting Administration
Requirements
23
Recommendations for Meeting Availability
Requirements
24
Designing a CA Hierarchy Structure
  • Recommended Depth of a CA Hierarchy
  • Security Levels in the CA Hierarchy
  • Considerations for Choosing a CA Type
  • CA Management Using Role Separation
  • Guidelines for Designing a CA Hierarchy

25
Recommended Depth of a CA Hierarchy
26
Security Levels in the CA Hierarchy
  • Security at the root CA
      • Requires highest level of security
      • Requires minimal access
  • As the distance from the root CA increases
      • Security decreases
      • Access to issuing CAs increases

27
Considerations for Choosing a CA Type
28
Guidelines for Designing a CA Hierarchy
When designing a CA hierarchy
  • Define the scope of your CA hierarchy design
  • Define all requirements for your CA hierarchy
  • Deploy an offline root CA
  • Design a hierarchy that is no more than 3-4
    layers
  • Define appropriate security levels for each CA
  • Choose the appropriate CA policy for each CA
  • Plan role separation early in the CA hierarchy
    design