Pki for dummies

•Download as PPTX, PDF•

5 likes•15,711 views

PKI is a set of components needed to issue and manage digital certificates. It includes hardware, software, policies and people. Certificates contain a subject's public key and are digitally signed by a certificate authority. PKIs can be public, where any system can validate certificates, or private, where only an organization's systems participate. Building a private PKI requires designing certificate templates and revocation processes. Managing certificates involves enrollment methods and checking certificate status.

PKI for Dummies
Alex de Jong
Microsoft Freelance

Public Key Infrastructure (PKI) is a set of
hardware, software, people, policies, and
procedures needed to create, manage, distribute,
use, store, and revoke digital certificates

Subject Valid
from/to

Issuer

Serial Number

Certificate Extensions
• Subject, Serial Number, Issuer, Valid From, Valid To
• Public Key
• Subject Alternative Names (SANs)
• Authority Information Access (AIA)
• Certificate Revocation Lists (CRLs)
• Enhanced Key Usage

3 Encryption “methods”
• Symmetric
– 1 encryption key for encryption and decryption
• Asymmetric
– 2 keys encryption keys: Public & Private
• Hashing
– Used for Authenticity checking, passwords
– Irreversible

Authenticity
• Digitally Signed Data
– e-mail, documents, this PowerPoint

Building one of your 0wn3d
• Stand alone vs. Enterprise
• Design Considerations
• Certificate Revocation Lists (CRL’s)

Building one of your 0wn3d
• Certificate Templates
• Web Services
• …

Enrolling certificates
• Web Services
• Auto Enrollment
• MMC Snap-in

From the client side
• Managing your own certificates
• Checking the others

What's hot

CryptographyIGZ Software house

Secure software development presentationMahdi Dolati

DIGITAL SIGNATUREravijain90

Secure SDLC FrameworkRishi Kant

13 asymmetric key cryptographydrewz lin

Best Practices for Multi-Factor Authentication: Delivering Stronger Security ...Sirius

Multifactor AuthenticationRonnie Isherwood

Ssdf nistNaveen Koyi

PhishingSagar Rai

Cryptography and PKIRabei Hassan

8. Software Development SecuritySam Bowne

Swift 7.2 & Customer Security: Providing choice, flexibility and control. Nancy Hernandez

Digital signaturePraseela R

Advanced cryptography and implementationAkash Jadhav

Seminar-Two Factor AuthenticationDilip Kr. Jangir

Setting up a secure development life cycle with OWASP - seba deleersnyderSebastien Deleersnyder

Telecommunications and Network Security PresentationWajahat Rajab

Secure Code Review 101Narudom Roongsiriwong, CISSP

Security Testing for Web ApplicationPrecise Testing Solution

Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies

What's hot (20)

Cryptography

Secure software development presentation

DIGITAL SIGNATURE

Secure SDLC Framework

13 asymmetric key cryptography

Best Practices for Multi-Factor Authentication: Delivering Stronger Security ...

Multifactor Authentication

Ssdf nist

Phishing

Cryptography and PKI

8. Software Development Security

Swift 7.2 & Customer Security: Providing choice, flexibility and control.

Digital signature

Advanced cryptography and implementation

Seminar-Two Factor Authentication

Setting up a secure development life cycle with OWASP - seba deleersnyder

Telecommunications and Network Security Presentation

Secure Code Review 101

Security Testing for Web Application

Cybersecurity Attack Vectors: How to Protect Your Organization

Similar to Pki for dummies

Apple SSL Vulnerability ExplainedMike Chapple

FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/SovrinCalvin Cheng

Digital certificates and information securityDevam Shah

Public Key InfrastructuresZefren Edior

Electronic securityWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.

Electronic SecurityWe Learn - A Continuous Learning Forum from Welingkar's Distance Learning Program.

Certificates, PKI, and SSL/TLS for infrastructure builders and operatorsDavid Ochel

Dr. Omar Ali Alibrahim - Ssl talkpromediakw

Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19Andrew Hughes

Certificate pinning in android applicationsArash Ramez

Entrepreneurship & Commerce in IT - 11 - Security & EncryptionSachintha Gunasena

SharePoint Access Control and Claims Based AuthenticationJonathan Schultz

04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019Kumton Suttiraksiri

18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy

PKI Industry growth in BangladeshBangladesh Network Operators Group

Jcv course contentsVasanti Dutta

Building open source identity infrastructuresFrancesco Chicchiriccò

Information Security Lesson 9 - Keys - Eric VanderburgEric Vanderburg

Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBMData Driven Innovation

Preparing for Office 365Jan Egil Ring

Similar to Pki for dummies (20)

Apple SSL Vulnerability Explained

FOSSASIA 2018 Self-Sovereign Identity with Hyperledger Indy/Sovrin

Digital certificates and information security

Public Key Infrastructures

Electronic security

Electronic Security

Certificates, PKI, and SSL/TLS for infrastructure builders and operators

Dr. Omar Ali Alibrahim - Ssl talk

Digital Identity Landscape for Vancouver IAM Meetup 2017 12-19

Certificate pinning in android applications

Entrepreneurship & Commerce in IT - 11 - Security & Encryption

SharePoint Access Control and Claims Based Authentication

04_Extending and Securing Enterprise Applications in Microsoft Azure_GAB2019

18CS2005 Cryptography and Network Security

PKI Industry growth in Bangladesh

Jcv course contents

Building open source identity infrastructures

Information Security Lesson 9 - Keys - Eric Vanderburg

Enterprise Blockchain & Data Sovereignty. Carlo Ferrarini, IBM

Preparing for Office 365

More from Alex de Jong

Surviving public speakingAlex de Jong

Client management.pptAlex de Jong

Da for dummies techdays 2012Alex de Jong

Direct access for dummiesAlex de Jong

What’s new in windows server 2012Alex de Jong

Windows 7 deploymentAlex de Jong

Deploying windows 8Alex de Jong

Windows 7 DeploymentAlex de Jong

More from Alex de Jong (8)

Surviving public speaking

Client management.ppt

Da for dummies techdays 2012

Direct access for dummies

What’s new in windows server 2012

Windows 7 deployment

Deploying windows 8

Windows 7 Deployment

Pki for dummies

2. PKI for Dummies Alex de Jong Microsoft Freelance

3. Agenda • PKI Overview • Your own PKI

4. Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates

5. Subject Valid from/to Issuer Serial Number

6. Certificate Extensions • Subject, Serial Number, Issuer, Valid From, Valid To • Public Key • Subject Alternative Names (SANs) • Authority Information Access (AIA) • Certificate Revocation Lists (CRLs) • Enhanced Key Usage

7. Authentication Encryption Authenticity

8. 3 Encryption “methods” • Symmetric – 1 encryption key for encryption and decryption • Asymmetric – 2 keys encryption keys: Public & Private • Hashing – Used for Authenticity checking, passwords – Irreversible

9. Authenticity • Digitally Signed Data – e-mail, documents, this PowerPoint

10. About the Issuer

11. DEMO Public CA’s

12. Building one of your 0wn3d • Stand alone vs. Enterprise • Design Considerations • Certificate Revocation Lists (CRL’s)

13. Building one of your 0wn3d • Certificate Templates • Web Services • …

14. DEMO Private CA’s

15. Enrolling certificates • Web Services • Auto Enrollment • MMC Snap-in

16. From the client side • Managing your own certificates • Checking the others

17. DEMO Managing Certificates