As IT infrastructures grow larger each day, more people and companies use various IT systems. Of course, users want their important data to be private and secure. This can be done with data encryption. Encryption is a process that encodes a message or information so that unauthorized parties can't decode it. Encryption keys are used for this procedure. In this project we will analyze the asymmetric key (public / private key) system.

Public key infrastructure (PKI) is what is used to secure the electronic transfer of information for a range of network operations such as e-commerce, internet banking, confidential email and other activities. It enables entities to communicate securely on an insecure public network, and to reliably verify the identity of an entity via digital signatures.

Because public keys in a PKI have to be signed, they are sent to a Root Certificate Authority. Many organizations have some kind of site or other type of service that needs a certificate signed by one of these root authorities. This can be expensive, especially if the organization has multiple systems or services to be signed. The solution is for the company to become its own Root Certificate Authority.

PKI can be set up for various systems and services like Apache, Nginx, Windows, Linux and so on.
On some systems this is easier, on others harder. This analysis will cover PKI implementation on Linux OS. The main analysis tasks are these:

· Overview of the PKI system and its structure;
· Implementing OpenSSL for PKI on Linux OS;
· Pros and cons of such a system.

Public key infrastructure

Before getting into problem solving, we need to review the PKI components and how they operate. This will show what we need on our system and what types of tasks are required.

As mentioned before, public key infrastructure (PKI) is a security system in which users can transfer, encode and digitally sign their messages using public key cryptography. PKI uses asymmetric key, or in other words public / private key, cryptography. This cryptographic key and certification system allows secure transactions of important and confidential data between relatively unfamiliar objects.
PKI provides authentication, confidentiality and integrity for data that is transferred between these objects or users.

· Authentication. The assurance that an entity is who he/she/it claims to be. Its function is to determine the data source.
· Confidentiality. The assurance to an entity that no one can read a particular piece of data except the receiver(s) explicitly intended.
· Integrity. The assurance to an entity that data has not been altered (intentionally or unintentionally) between "there" and "here," or between "then" and "now."

In public key infrastructure it is agreed that a third party will check the user's identity and vouch for it. It also ties the user to the corresponding key pair. That is typically done by software on the main server, which interacts with software on the end points of the connection. In most cases public keys are held in certificates.

The public key must be signed in an X.509 certificate, and the certificate used to sign it must be available as a Certificate Authority (CA) certificate.
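
The signing relationship described above, as an added example that is not part of the original text: a self-signed root CA signs a server's public key into an X.509 certificate, and that certificate verifies only against the CA that signed it. Function names, file names and subject names are assumptions made for this demo, and it assumes the openssl command-line tool is installed.

```shell
#!/bin/sh
# Added example: a throwaway PKI built with the openssl CLI. File names and
# subject names are constructed; -nodes leaves keys unencrypted (demo only).
write_cfg() {   # $1 = dir; own minimal config, independent of the system openssl.cnf
    cat > "$1/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
EOF
}
make_root_ca() {   # $1 = dir, $2 = CA common name; self-signed root certificate
    write_cfg "$1" &&
    openssl req -x509 -config "$1/pki.cnf" -extensions v3_ca \
        -newkey rsa:2048 -nodes -keyout "$1/ca.key" -out "$1/ca.crt" \
        -days 30 -subj "/CN=$2" 2>/dev/null
}
issue_cert() {   # $1 = CA dir, $2 = subject common name
    # The subject generates a key pair and a CSR carrying its public key ...
    openssl req -new -config "$1/pki.cnf" -newkey rsa:2048 -nodes \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" -subj "/CN=$2" 2>/dev/null &&
    # ... and the CA signs that public key into an X.509 certificate.
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -CAcreateserial -out "$1/leaf.crt" -days 30 \
        -extfile "$1/pki.cnf" -extensions v3_leaf 2>/dev/null
}
verify_with_ca() {   # $1 = CA certificate, $2 = certificate to check
    openssl verify -CAfile "$1" "$2" 2>/dev/null | grep -q ': OK$'
}
cert_field() {   # $1 = certificate, $2 = subject or issuer
    openssl x509 -in "$1" -noout "-$2" -nameopt RFC2253 | cut -d= -f2-
}
demo() {
    d=$(mktemp -d) && mkdir "$d/a" "$d/b" &&
    make_root_ca "$d/a" "Demo Root CA" && issue_cert "$d/a" "www.example.test" &&
    make_root_ca "$d/b" "Unrelated CA" || return 1
    echo "leaf issuer: $(cert_field "$d/a/leaf.crt" issuer)"
    verify_with_ca "$d/a/ca.crt" "$d/a/leaf.crt" && echo "accepted by Demo Root CA"
    verify_with_ca "$d/b/ca.crt" "$d/a/leaf.crt" || echo "rejected by Unrelated CA"
    rm -rf "$d"
}
demo
```

The second check fails because the leaf certificate's signature was made with a different CA key, which is why clients of an internal root CA must have that CA's certificate installed as a trust anchor.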