Certificate Authority

The Italian Legislation on Digital Signatures and the Role of Italian Banks as Certificate Authorities: A Strategic Analysis......................... .................................................................................... ........................................................................ ... ... Prediction of Insolvency of Life Insurers ...

Presently, mobile handheld device has successfully replaced traditional telephone to become the most popular wireless communication tools. Mobile Short Message Service (SMS) and Multimedia Message Service (MMS) fulfill almost all the user requirements as an effective communication and information delivering service. Since SMS/MMS become so popular on daily communication, there is a demand to communicate or exchange confidential information in a secure environment. Public Key Infrastructure (PKI) is a proven solution, which using pairing of key, for secure communication encryption. In this paper, m–PKI is introduced to provide PKI encryption to the mobile SMS and MMS. This new approach allows the end-user to send private and classified message via SMS. The key pair generation and distribution are performed by the Certificate Authority (CA). The size of the key pair are studied and decided by the tradeoff between performance and security.

Presently, mobile handheld device has successfully replaced traditional telephone to become the most popular wireless communication tools. Mobile Short Message Service (SMS) and Multimedia Message Service (MMS) fulfill almost all the user requirements as an effective communication and information delivering service. Since SMS/MMS become so popular on daily communication, there is a demand to communicate or exchange confidential information in a secure environment. Public Key Infrastructure (PKI) is a proven solution, which using pairing of key, for secure communication encryption. In this paper, m–PKI is introduced to provide PKI encryption to the mobile SMS and MMS. This new approach allows the end-user to send private and classified message via SMS. The key pair generation and distribution are performed by the Certificate Authority (CA). The size of the key pair are studied and decided by the tradeoff between performance and security.

Many safety-related, certification standards exist for developing safety-critical systems. System safety assessments are common practice and system certification according to a standard requires submitting relevant software safety information to appropriate authorities. The airworthiness standard, RTCA DO-178B, is the de-facto standard for certifying aerospace systems containing software. This research introduces an approach to improve communication and collaboration among safety engineers and software engineers by proposing a Unified Modeling Language (UML) profile that allows software engineers to model safety-related concepts and properties in UML, the de-facto software modeling language. Key safety-related concepts are extracted from RTCA DO-178B, and then a UML profile is defined to enable their precise modeling. We show that the profile improves the line of communication between safety engineers and software engineers, for instance by allowing the automated generation of certification-related information from UML models. This is illustrated through a case study on developing an aircraft’s navigation controller subsystem.

Digital certificates signed by trusted certification authorities (CAs) are used for multiple purposes, most commonly for secure binding of public keys to names and other attributes of their owners. Although a certificate usually includes an expiration time, it is not uncommon that a certificate needs to be revoked prematurely. For this reason, whenever a client (user or program) needs to

In India, the Information Technology Act, received the Presidential Assent in June 2000. The Act is based on the Model Law on E-Commerce adopted by the United Nations Commission on International Trade Law (UNCITRAL). The essence of the Act is captured in the long title: ‘An act to provide for the legal recognition of transactions carried out by … alternatives

The most emerging technology for people identification and authentication is biometrics. In contrast with traditional recognition approaches, biometric authentication relies on who a person is or what a person does, being based on strictly personal traits, much more difficult to be forgotten, lost, stolen, copied or forged than traditional data. In this paper, we focus on two vulnerable points of biometric systems: the database where the templates are stored and the communication channel between the stored templates and the matcher. Specifically, we propose a method, based on user adaptive error correction codes, to achieve securitization and cancelability of the stored templates applied to dynamic signature features. More in detail, the employed error correction code is tailored to the intra-class variability of each user's signature features. This leads to an enhancement of the system performance expressed in terms of false acceptance rate. Moreover, in order to avoid corruption or interception of the stored templates in the transmission channels, we propose a scheme based on threshold cryptography: the distribution of the certificate authority functionality among a number of nodes provides distributed, fault-tolerant, and hierarchical key management services. Experimental results show the effectiveness of our approach, when compared to traditional non-secure correlation-based classifiers.

Today, one of the biggest concerns about using the Internet for business-critical data is security. This paper will concentrate on the area of software security based on public key cryptographic technology. The Public Key systems make it possible for two parties to communicate securely without either having to know or trust the other party. This is possible because a third party, called the Certification Authority, that both the other parties trust identifies them, and certifies that their keys are genuine. This third party guarantees that they are who they claim to be. A public key infrastructure (PKI) is a set of technologies and security policies that a company can use to issue, revoke, and manage digital certificates within its organizational structure. The paper tries to analyse some of major deployment aspects of an organizational PKI and the main design issues for a Public Key Infrastructure (PKI), needed to secure network applications.

This paper presents a description and performance evaluation of a threshold secret sharing (TSS) authentication scheme for self- securing mobile ad hoc networks (MANETs) suffering from high packet-loss and node mobility. In order to evaluate the performance of the TSS scheme in a noisy MANET, a number of simulations were carried-out. We concluded that presence of noise inflicts significant reduction

Many safety-critical embedded systems are subject to certification requirements; some systems may be required to meet multiple sets of certification requirements, from different certification authorities. Certification requirements in such "mixed-criticality” systems give rise to interesting scheduling problems, that cannot be satisfactorily addressed using techniques from conventional scheduling theory. In this paper, we study a formal model for representing such mixed-criticality workloads. We demonstrate first the intractability of determining whether a system specified in this model can be scheduled to meet all its certification requirements, even for systems subject to merely two sets of certification requirements. Then we quantify, via the metric of processor speedup factor, the effectiveness of two techniques, reservation-based scheduling and priority-based scheduling, that are widely used in scheduling such mixed-criticality systems, showing that the latter of the two is superior to the former. We also show that the speedup factors we obtain are tight for these two techniques.

This paper presents and discusses a web oriented, interactive anonymous buyer-seller watermarking protocol. In particular, the protocol enables buyers who are neither provided with digital certificates issued by trusted certification authorities (CAs) nor able to autonomously perform security actions to purchase digital contents distributed by web content providers (CPs) while keeping their identities unexposed during web transactions. The protocol also allows guilty buyers, i.e. who are responsible distributors of illegal replicas, to be unambiguously identified. Finally, the protocol has been designed so that CPs can exploit copyright protection services supplied by web service providers (SPs) in a security context. Thus, CPs can take advantage of complex protection services without having to implement them.

Market research surveys report that 75% of hacks occur at the application layer. Of the multiple vulnerabilities that exist in Web application software, proper authentication of the client and the server to each other is fundamental to the security of the system. In the current scenario, we manage this with the adoption of password-based client authentication and PKI-based server authentication.

The development of e-commerce requires security to win the confidence of its stakeholders. Among the common protocols to establish safe financial transactions, Secure Electronic Transaction (SET) protocol has more security providing a safe protocol of payments at the level of the communication network between the buyers, sellers, banks and payment gates. In this protocol, all participants in the transaction should receive Certificate Authority (CA) identity. This paper analyzes the secure communication solutions and variety secure communication contracts for financial transactions. Then, architecture is presented to establish a web-based Certificate Authority (CA) identity for elements of Secure Electronic Transaction (SET) protocol and its implementation is described. The presented Certificate Authority (CA) identity in the article can process the requests of entities for online processing and transmit them through Hypertext Transfer Protocol (HTTP).

MANET applications and services pose many interesting challenges due to their unique features. Specifically, security is getting a lot of attention in every aspect of MANETs due to their inherent vulnerability to attacks. Threats exist in every layer of the MANET stack, and different solutions have been adapted for each security problem. Another problem for MANETs is availability, and adding more resources does not necessarily make the system more available. Certificate authority (CA) is one of the most important entities in public key infrastructure (PKI) and needs to be designed carefully when adapted to MANETs. The main goal of our work is to provide a framework that addresses the issues of performance and security of CA in MANETs. Additionally, we would like to increase the availability of CA services, while lowering packet overhead of the network, without increasing the network vulnerability. In this paper, we present a framework suitable for exchanging PKI certificates in MANETs. By caching and exchanging certificates between clients collaboratively, we show that our system can meet the performance challenges of providing CA service without sacrificing system security. Using NS-2 Simulator, we have demonstrated the feasibility of the framework, quantitatively, compared to other related research that has addressed the same problem in MANETs environments.

Cryptography and certification are considered necessary Internet features and must be used together, for example in ecommerce.This work deals with certification issues and reviews the three most common methods in use today, whichare based on X.509 Certificates and Certification Authorities (CAs), PGP and, SKIP. These methods are respectivelyclassified as directory, referral and collaborative based. For two parties in a dialogue