SlideShare a Scribd company logo

Advance itt

Download as PPTX, PDF
Sahil Bansal
Sahil Bansal

ICAI - Advance ITT - Project on XBRL, Digital Signatures, Cryptography and Digital Certificates

Education
1 of 35
Project on XBRL, Digital Signatures, Cryptography, Digital Certificates Submitted to: ICAI – ADVANCE ITT
Table of Contents PARTICULARS PAGE NO.  Introduction to XBRL 5  Contents of XBRL 6-7  Applicability of XBRL 8  Advantages of XBRL 9-10  Intro to XBRL Instance document 11  Chart for creating XBRL Instance Document 12  Steps for creating XBRL Instance document 13  Chart for validation of XBRL Instance Document 14  Steps for validating XBRL Instance document 15
PARTICULARS PAGE NO.  Definition of Digital Signature 16-17  Basic Requirements 18  Process of Digital signatures 19  DSC Issuing Authority 20  Classes of digital signature 21  Need for Cryptography 22  Cryptography 23  Encryption and Decryption 24  How Cryptography Works 25  Categories of Cryptography 26  Cryptography in Digital Signatures 27
PARTICULARS PAGE NO.  Meaning – Digital Certificates 28  Types of Digital Certificates 29-32  Advantages 33  Disadvantages 34
Introduction to XBRL XBRL stands for extensible Business Reporting Language. Language for the electronic communication of business and financial data. Provides major benefits in the preparation, analysis and communication of business information. Offers cost savings, greater efficiency and improved accuracy and reliability to all those involved in supplying or using financial data. Being put to practical use in a number of countries. 5
What does it contain?  XBRL documents filed by the companies should include the following information reported by the companies as per the existing provisions of law. Information disclosed in the following sections of the Annual Report Balance Sheet Profit and Loss Statement Cash Flow Statement 6
Schedules related to Balance Sheet and Profit and Loss Statement Notes to Accounts Statement pursuant to Section 212 of the Companies Act, 1956 relating to subsidiary companies 7
Who is it applicable for ?  Following class of companies have to file the Financial Statements in XBRL Form from the year 2010-2011:  All companies listed in India and their subsidiaries, including overseas subsidiaries  All companies having a paid up capital of Rs. 5 Crore and above or a Turnover of Rs 100 crore or above 8
Advantages of XBRL Offers major benefits at all stages of business reporting and analysis Benefits are seen in automation, cost saving, faster, more reliable and more accurate handling of data, improved analysis and in better quality of information and decision making Switch resources away from costly manual processes 9
Concentrate effort on analysis, aided by software which can validate and process XBRL information 10
2 An XBRL instance document is a business report in an electronic format created according to the rules of XBRL. It contains facts that are defined by the elements in the taxonomy it refers to, together with their values and an explanation of the context in which they are placed. 11
Creation of XBRL instance document 12
The first step in creation of an instance document is to do tagging of the XBRL taxonomy elements with the various accounting heads in the books of accounts of the company. This would create the mapping of the taxonomy elements with the accounting heads so that the accounting information can be converted into XBRL form. Once the tagging of financial statement elements with the published taxonomy elements is done, the next step is to create the instance document. An instance document is a XML file that contains business reporting information and represents a collection of financial facts and report-specific information using tags from the XBRL taxonomy. Once the instance document is prepared, it needs to be ensured that the instance document is a valid instance document and all the information has been correctly captured in the instance document. Steps for creating XBRL instance document 13
Validation of XBRL instance document 14
 Once the instance document is prepared, it needs to be ensured that the instance document is a valid instance document and all the information has been correctly captured in the instance document.  There shall be a tool provided at the MCA portal for validating the generated XBRL instance document. Validating the instance document is a pre requisite before filing the balance sheet and profit & loss account on MCA portal. You are required to download the tool from the MCA website and validate the instance document before uploading. There shall also be a facility to view and search the taxonomy.  Once the tool has been downloaded, the next step is to validate the instance document. The following validations shall be performed by the tool-  Validating that the instance document is as per the latest and correct version of taxonomy prescribed by MCA  All mandatory elements have been entered  Other validations as per taxonomy Process of validating XBRL instance document 15
16 INTRODUCTION: DIGITAL SIGNATURE  The authenticity of many legal, financial, and other documents is done by the presence or absence of an authorized handwritten signature  “Digital Signature” is the best solution for authenticity in various fields.  A digital signature is nothing but an attachment to any piece of electronic information, which represents the content of the document and the identity of the owner of that document uniquely.
17 What is digital signature  Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document.  Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document.  As the public key of the signer is known, anybody can verify the message and the digital signature.
Basic Requirements: The Private Key is one which is accessible only to the signer. It is used to generate the digital signature which is then attached to the message. The Public Key is made available to all those who receive the signed messages from the sender. It is used for verification of the received message. Digital Signature Certificates looks like Pendrive which has software installed for proper working. The Certifying Authorities (CAs) issue digital signature certificates for electronic authentication of users. 18
Process of Digital Signature: 19
DSC Issuing Authority 20  The Controller of Certifying Authorities (CCA) has established the Root Certifying Authority (RCAI) of India under section 18(b) of the IT Act to digitally sign the public keys of Certifying Authorities (CA) in the country. The RCAI is operated as per the standards laid down under the Act.  The CCA certifies the public keys of CAs using its own private key, which enables users in the cyberspace to verify that a given certificate is issued by a licensed CA.
Classes of DSC 21 CLASSES APPLICABILITY ASSURANCE LEVEL Class 1 Certificate Less risky environment Basic Level of assurance Class 2 Certificate Moderate risky environment Moderate Level of assurance Class 3 Certificate High risky (Fraud) environment High Level of assurance
Need for Cryptography 22  Confidentiality  Authentication  Non-repudiation
What is Cryptography  Cryptography derived its name from a Greek word called “Kryptos” which means “Hidden Secrets”  Cryptography is the practice and study of hiding information  It is the science of converting a plain intelligible data into an unintelligible data and again retransforming that message into its original form 23
What is Encryption & Decryption  Encryption is the process of converting plain text into an unintelligible format (cipher text)  Decryption is the process of converting cipher text back into its original form 24
How Cryptography Works 25
Categories of Cryptography Cryptography Symmetric Key Cryptography Asymmetric Key Cryptography 26 Symmetric Key Cryptography Asymmetric Key Cryptography Encryption and decryption using the same key Two different keys are used They key must be kept secret One of the two key must be kept secret Simpler and faster Relatively complex Less secured More secured.
Cryptography in Digital Signatures  Digital signatures are primarily used for  Authentication  Non-repudiation 27 Bill(digitally signed) ENCRYP TION DECRYP TION
28 What are Digital Certificates? A digital certificate (DC) is a digital file that certifies the identity of an individual or institution, or even a router seeking access to computer- based information. It is issued by a Certification Authority (CA), and serves the same purpose as a driver’s license or a passport.
29 Types Digital Certificates There are four main types of digital certificates :- Server Certificates Personal Certificates Organization Certificates Developer Certificates
30 Server Certificates Allows visitors to exchange personal information such as credit card numbers, free from the threat of interception or tampering. Server Certificates are a must for building and designing e-commerce sites as confidential information is shared between clients, customers and vendors.
31 Personal Certificates Personal Certificates allow one to authenticate a visitor’s identity and restrict access to specified content to particular visitors. Personal Certificates are perfect for business to business communications such as offering suppliers and partners controlled access to special web sites for updating product availability, shipping dates and inventory management.
32 Organization & Developer Certificates Organization Certificates are used by corporate entities to identify employees for secure e-mail and web-based transaction. Developer Certificates prove authorship and retain integrity of distributed software programs e.g. installing a software on a computer system in most instances requires what is called a “serial key”.
33 Advantages 1. Authentication: By using digital certificates the identity of the entity can be verified. 2. Secure: It assures that the public key belongs to the owner of the certificate an so a secure communication can established for confidential email, e-commerce and online transactions. 3. Integrity: Integrity is guaranteed a long as the CA’s signature on the digital certificate can be verified. 4. It prevents man-in-the-middle attacks, where a malicious user pretends to be the web site that the user wants to connect with.
34 Disadvantages 1. When a certificate authority is compromised, hackers can create websites or send emails that look genuine and pass certification tests, but are actually fraudulent. 2. A browser does not give a warning when a web site changes the certificate. 3. A user has to blindly trust that the developer of the OS has installed genuine root certificates and not fraudulent certificates.
35

Recommended

electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engFrank Mercado
 
The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010SC Leung
 
KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryNitin Patidar
 
Identity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuIdentity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuE-Government Center Moldova
 
QR Code and Transport Layer Security For Licensing Documents Verification- Ir...
QR Code and Transport Layer Security For Licensing Documents Verification- Ir...QR Code and Transport Layer Security For Licensing Documents Verification- Ir...
QR Code and Transport Layer Security For Licensing Documents Verification- Ir...irawan afrianto
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference GuideSafeNet
 
S2: FinTech Markets and Laws in Thailand (20 Oct 2021)
S2: FinTech Markets and Laws in Thailand (20 Oct 2021)S2: FinTech Markets and Laws in Thailand (20 Oct 2021)
S2: FinTech Markets and Laws in Thailand (20 Oct 2021)Kullarat Phongsathaporn
 
The Nordic Model: Customer on-boarding powered by eIDs, BI and eSigning
The Nordic Model: Customer on-boarding powered by eIDs, BI and eSigningThe Nordic Model: Customer on-boarding powered by eIDs, BI and eSigning
The Nordic Model: Customer on-boarding powered by eIDs, BI and eSigningGeorge Amanatiadis
 

Recommended

electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engFrank Mercado
 
The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010The Hong Kong Public Key Infrastruture 2010
The Hong Kong Public Key Infrastruture 2010SC Leung
 
KYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryKYC Blockchain in Insurance Industry
KYC Blockchain in Insurance IndustryNitin Patidar
 
Identity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuIdentity management in government, mr. iurie turcanu
Identity management in government, mr. iurie turcanuE-Government Center Moldova
 
QR Code and Transport Layer Security For Licensing Documents Verification- Ir...
QR Code and Transport Layer Security For Licensing Documents Verification- Ir...QR Code and Transport Layer Security For Licensing Documents Verification- Ir...
QR Code and Transport Layer Security For Licensing Documents Verification- Ir...irawan afrianto
 
eIDAS Reference Guide
eIDAS Reference GuideeIDAS Reference Guide
eIDAS Reference GuideSafeNet
 
S2: FinTech Markets and Laws in Thailand (20 Oct 2021)
S2: FinTech Markets and Laws in Thailand (20 Oct 2021)S2: FinTech Markets and Laws in Thailand (20 Oct 2021)
S2: FinTech Markets and Laws in Thailand (20 Oct 2021)Kullarat Phongsathaporn
 
The Nordic Model: Customer on-boarding powered by eIDs, BI and eSigning
The Nordic Model: Customer on-boarding powered by eIDs, BI and eSigningThe Nordic Model: Customer on-boarding powered by eIDs, BI and eSigning
The Nordic Model: Customer on-boarding powered by eIDs, BI and eSigningGeorge Amanatiadis
 
Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Aladdin Dandis
 
ForgeRock Open banking - Meetup 28/06/2018
ForgeRock Open banking - Meetup 28/06/2018ForgeRock Open banking - Meetup 28/06/2018
ForgeRock Open banking - Meetup 28/06/2018Quentin Castel
 
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...Gerson Rolim
 
Secure Electronic Transaction (SET)
Secure Electronic Transaction (SET)Secure Electronic Transaction (SET)
Secure Electronic Transaction (SET)Syed Taimoor Hussain Shah
 
Role of a Qualified Trust Service Provider in Europe
Role of a Qualified Trust Service Provider in EuropeRole of a Qualified Trust Service Provider in Europe
Role of a Qualified Trust Service Provider in EuropeNamirial GmbH
 
digital signature and verification on-site solution
digital signature and verification on-site solutiondigital signature and verification on-site solution
digital signature and verification on-site solutionMohammad ShAms
 
Mind- Boggling Features & Benefits of Video KYC
Mind- Boggling Features & Benefits of Video KYCMind- Boggling Features & Benefits of Video KYC
Mind- Boggling Features & Benefits of Video KYCSignzy
 
A7: Chulalongkorn University | E-Payment and FinTech (2018)
A7: Chulalongkorn University | E-Payment and FinTech (2018)A7: Chulalongkorn University | E-Payment and FinTech (2018)
A7: Chulalongkorn University | E-Payment and FinTech (2018)Kullarat Phongsathaporn
 
Eurosmart presentation on the eidas regulation
Eurosmart presentation on the eidas regulationEurosmart presentation on the eidas regulation
Eurosmart presentation on the eidas regulationStefane Mouille
 
swift_connectivity_factsheet_l2ba
swift_connectivity_factsheet_l2baswift_connectivity_factsheet_l2ba
swift_connectivity_factsheet_l2baFrederik Adriaensen
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerPalash Mehar
 
Digital Signature
Digital Signature Digital Signature
Digital Signature Vakilsearch
 
2017.03.30 - e-Signatures Conference for ZertES and eIDAS
2017.03.30 - e-Signatures Conference for ZertES and eIDAS 2017.03.30 - e-Signatures Conference for ZertES and eIDAS
2017.03.30 - e-Signatures Conference for ZertES and eIDAS Kyos
 
A11: TAI | FinTech (3 Aug 2020)
A11: TAI | FinTech (3 Aug 2020)A11: TAI | FinTech (3 Aug 2020)
A11: TAI | FinTech (3 Aug 2020)Kullarat Phongsathaporn
 
The Smart Approach To Pci DSS Compliance – Braintree White Paper
The Smart Approach To Pci DSS Compliance – Braintree White PaperThe Smart Approach To Pci DSS Compliance – Braintree White Paper
The Smart Approach To Pci DSS Compliance – Braintree White PaperBen Rothke
 
PKI in Government Digital Identity Management Systems
PKI in Government Digital Identity Management SystemsPKI in Government Digital Identity Management Systems
PKI in Government Digital Identity Management SystemsArab Federation for Digital Economy
 
Chapter 12 regulatory technology for aml compliance
Chapter 12 regulatory technology for aml complianceChapter 12 regulatory technology for aml compliance
Chapter 12 regulatory technology for aml complianceQuan Risk
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONPankaj Rane
 
Act2000n
Act2000nAct2000n
Act2000nPartha Mehrotra
 
Chapter 7 risk based approach
Chapter 7 risk based approachChapter 7 risk based approach
Chapter 7 risk based approachQuan Risk
 
Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!Process Fusion Inc
 

More Related Content

What's hot

Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Aladdin Dandis
 
ForgeRock Open banking - Meetup 28/06/2018
ForgeRock Open banking - Meetup 28/06/2018ForgeRock Open banking - Meetup 28/06/2018
ForgeRock Open banking - Meetup 28/06/2018Quentin Castel
 
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...Gerson Rolim
 
Role of a Qualified Trust Service Provider in Europe
Role of a Qualified Trust Service Provider in EuropeRole of a Qualified Trust Service Provider in Europe
Role of a Qualified Trust Service Provider in EuropeNamirial GmbH
 
digital signature and verification on-site solution
digital signature and verification on-site solutiondigital signature and verification on-site solution
digital signature and verification on-site solutionMohammad ShAms
 
Mind- Boggling Features & Benefits of Video KYC
Mind- Boggling Features & Benefits of Video KYCMind- Boggling Features & Benefits of Video KYC
Mind- Boggling Features & Benefits of Video KYCSignzy
 
A7: Chulalongkorn University | E-Payment and FinTech (2018)
A7: Chulalongkorn University | E-Payment and FinTech (2018)A7: Chulalongkorn University | E-Payment and FinTech (2018)
A7: Chulalongkorn University | E-Payment and FinTech (2018)Kullarat Phongsathaporn
 
Eurosmart presentation on the eidas regulation
Eurosmart presentation on the eidas regulationEurosmart presentation on the eidas regulation
Eurosmart presentation on the eidas regulationStefane Mouille
 
swift_connectivity_factsheet_l2ba
swift_connectivity_factsheet_l2baswift_connectivity_factsheet_l2ba
swift_connectivity_factsheet_l2baFrederik Adriaensen
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerPalash Mehar
 
Digital Signature
Digital Signature Digital Signature
Digital Signature Vakilsearch
 
2017.03.30 - e-Signatures Conference for ZertES and eIDAS
2017.03.30 - e-Signatures Conference for ZertES and eIDAS 2017.03.30 - e-Signatures Conference for ZertES and eIDAS
2017.03.30 - e-Signatures Conference for ZertES and eIDAS Kyos
 
The Smart Approach To Pci DSS Compliance – Braintree White Paper
The Smart Approach To Pci DSS Compliance – Braintree White PaperThe Smart Approach To Pci DSS Compliance – Braintree White Paper
The Smart Approach To Pci DSS Compliance – Braintree White PaperBen Rothke
 
Chapter 12 regulatory technology for aml compliance
Chapter 12 regulatory technology for aml complianceChapter 12 regulatory technology for aml compliance
Chapter 12 regulatory technology for aml complianceQuan Risk
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONPankaj Rane
 
Chapter 7 risk based approach
Chapter 7 risk based approachChapter 7 risk based approach
Chapter 7 risk based approachQuan Risk
 

What's hot (20)

Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0Building trust attributes in e transactions (final) ver 3.0
Building trust attributes in e transactions (final) ver 3.0
 
ForgeRock Open banking - Meetup 28/06/2018
ForgeRock Open banking - Meetup 28/06/2018ForgeRock Open banking - Meetup 28/06/2018
ForgeRock Open banking - Meetup 28/06/2018
 
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
eID and e-Signature (PKI) in Mercosul - Tools to support eGovernment and eBus...
 
Secure Electronic Transaction (SET)
Secure Electronic Transaction (SET)Secure Electronic Transaction (SET)
Secure Electronic Transaction (SET)
 
Role of a Qualified Trust Service Provider in Europe
Role of a Qualified Trust Service Provider in EuropeRole of a Qualified Trust Service Provider in Europe
Role of a Qualified Trust Service Provider in Europe
 
digital signature and verification on-site solution
digital signature and verification on-site solutiondigital signature and verification on-site solution
digital signature and verification on-site solution
 
Mind- Boggling Features & Benefits of Video KYC
Mind- Boggling Features & Benefits of Video KYCMind- Boggling Features & Benefits of Video KYC
Mind- Boggling Features & Benefits of Video KYC
 
A7: Chulalongkorn University | E-Payment and FinTech (2018)
A7: Chulalongkorn University | E-Payment and FinTech (2018)A7: Chulalongkorn University | E-Payment and FinTech (2018)
A7: Chulalongkorn University | E-Payment and FinTech (2018)
 
Eurosmart presentation on the eidas regulation
Eurosmart presentation on the eidas regulationEurosmart presentation on the eidas regulation
Eurosmart presentation on the eidas regulation
 
swift_connectivity_factsheet_l2ba
swift_connectivity_factsheet_l2baswift_connectivity_factsheet_l2ba
swift_connectivity_factsheet_l2ba
 
Creation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using DigisignerCreation & Verification of Digital Signature using Digisigner
Creation & Verification of Digital Signature using Digisigner
 
Digital Signature
Digital Signature Digital Signature
Digital Signature
 
2017.03.30 - e-Signatures Conference for ZertES and eIDAS
2017.03.30 - e-Signatures Conference for ZertES and eIDAS 2017.03.30 - e-Signatures Conference for ZertES and eIDAS
2017.03.30 - e-Signatures Conference for ZertES and eIDAS
 
A11: TAI | FinTech (3 Aug 2020)
A11: TAI | FinTech (3 Aug 2020)A11: TAI | FinTech (3 Aug 2020)
A11: TAI | FinTech (3 Aug 2020)
 
The Smart Approach To Pci DSS Compliance – Braintree White Paper
The Smart Approach To Pci DSS Compliance – Braintree White PaperThe Smart Approach To Pci DSS Compliance – Braintree White Paper
The Smart Approach To Pci DSS Compliance – Braintree White Paper
 
PKI in Government Digital Identity Management Systems
PKI in Government Digital Identity Management SystemsPKI in Government Digital Identity Management Systems
PKI in Government Digital Identity Management Systems
 
Chapter 12 regulatory technology for aml compliance
Chapter 12 regulatory technology for aml complianceChapter 12 regulatory technology for aml compliance
Chapter 12 regulatory technology for aml compliance
 
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATIONCASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
CASE STUDY ON PKI & BIOMETRIC BASED APPLICATION
 
Act2000n
Act2000nAct2000n
Act2000n
 
Chapter 7 risk based approach
Chapter 7 risk based approachChapter 7 risk based approach
Chapter 7 risk based approach
 

Similar to Advance itt

Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Avirot Mitamura
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!Process Fusion Inc
 
Creation & Verification of Digital Signature using Adobe Acrobat
Creation & Verification of Digital Signature using Adobe AcrobatCreation & Verification of Digital Signature using Adobe Acrobat
Creation & Verification of Digital Signature using Adobe AcrobatPalash Mehar
 
Shufti Pro| Digital Identity Verification Solution
Shufti Pro| Digital Identity Verification SolutionShufti Pro| Digital Identity Verification Solution
Shufti Pro| Digital Identity Verification SolutionJoshuaVictor10
 
KYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINKYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINIRJET Journal
 
Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Synacts
 
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...Rohan Nyayadhish
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2Ankita Dave
 
Digital signature 3
Digital signature 3Digital signature 3
Digital signature 3Ankita Dave
 
Certifying authorities rules 2000
Certifying authorities rules 2000Certifying authorities rules 2000
Certifying authorities rules 2000Leo Lukose
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresOliver Pfaff
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Market Engel SAS
 
An Efficient Buyer - Seller Protocol to Identify the Perpetrator
An Efficient Buyer - Seller Protocol to Identify the PerpetratorAn Efficient Buyer - Seller Protocol to Identify the Perpetrator
An Efficient Buyer - Seller Protocol to Identify the PerpetratorIDES Editor
 
Digital certificates
Digital certificates Digital certificates
Digital certificates Sheetal Verma
 
Information Technology & Company Secretary
Information Technology & Company SecretaryInformation Technology & Company Secretary
Information Technology & Company SecretaryPavan Kumar Vijay
 
10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And CertificationsBlockchain Council
 
Blockchain, smart contracts and use cases for the Legal Hackers
Blockchain, smart contracts and use cases for the Legal HackersBlockchain, smart contracts and use cases for the Legal Hackers
Blockchain, smart contracts and use cases for the Legal HackersKoen Vingerhoets
 
20170620 MEETUP intro to blockchain and smart contracts (2)
20170620 MEETUP intro to blockchain and smart contracts (2)20170620 MEETUP intro to blockchain and smart contracts (2)
20170620 MEETUP intro to blockchain and smart contracts (2)Brussels Legal Hackers
 
The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...Codemotion
 

Similar to Advance itt (20)

Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)Digital certificate management v1 (Draft)
Digital certificate management v1 (Draft)
 
Think twice before you sign again!
Think twice before you sign again!Think twice before you sign again!
Think twice before you sign again!
 
Creation & Verification of Digital Signature using Adobe Acrobat
Creation & Verification of Digital Signature using Adobe AcrobatCreation & Verification of Digital Signature using Adobe Acrobat
Creation & Verification of Digital Signature using Adobe Acrobat
 
Shufti Pro| Digital Identity Verification Solution
Shufti Pro| Digital Identity Verification SolutionShufti Pro| Digital Identity Verification Solution
Shufti Pro| Digital Identity Verification Solution
 
KYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAINKYC VERIFICATION USING BLOCKCHAIN
KYC VERIFICATION USING BLOCKCHAIN
 
Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04Digital ID Protocol - Presentation 2015-12-04
Digital ID Protocol - Presentation 2015-12-04
 
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
Digital Task Force’s Digital Magazine on Electronic Evidence and Hash Value -...
 
Digital signature 2
Digital signature 2Digital signature 2
Digital signature 2
 
Digital signature 3
Digital signature 3Digital signature 3
Digital signature 3
 
Certifying authorities rules 2000
Certifying authorities rules 2000Certifying authorities rules 2000
Certifying authorities rules 2000
 
Implementing Public-Key-Infrastructures
Implementing Public-Key-InfrastructuresImplementing Public-Key-Infrastructures
Implementing Public-Key-Infrastructures
 
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
Digital signatures, paving the way to a digital Europe_Arthur D Little_2014
 
Kyc and Blockchain
Kyc and BlockchainKyc and Blockchain
Kyc and Blockchain
 
An Efficient Buyer - Seller Protocol to Identify the Perpetrator
An Efficient Buyer - Seller Protocol to Identify the PerpetratorAn Efficient Buyer - Seller Protocol to Identify the Perpetrator
An Efficient Buyer - Seller Protocol to Identify the Perpetrator
 
Digital certificates
Digital certificates Digital certificates
Digital certificates
 
Information Technology & Company Secretary
Information Technology & Company SecretaryInformation Technology & Company Secretary
Information Technology & Company Secretary
 
10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications10 Best Professional Blockchain Courses And Certifications
10 Best Professional Blockchain Courses And Certifications
 
Blockchain, smart contracts and use cases for the Legal Hackers
Blockchain, smart contracts and use cases for the Legal HackersBlockchain, smart contracts and use cases for the Legal Hackers
Blockchain, smart contracts and use cases for the Legal Hackers
 
20170620 MEETUP intro to blockchain and smart contracts (2)
20170620 MEETUP intro to blockchain and smart contracts (2)20170620 MEETUP intro to blockchain and smart contracts (2)
20170620 MEETUP intro to blockchain and smart contracts (2)
 
The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...The journey of an innovative and disruptive technology in a big and organized...
The journey of an innovative and disruptive technology in a big and organized...
 

Recently uploaded

Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...RKavithamani
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 

Recently uploaded (20)

Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 

Advance itt

  • 1. Project on XBRL, Digital Signatures, Cryptography, Digital Certificates Submitted to: ICAI – ADVANCE ITT
  • 2. Table of Contents PARTICULARS PAGE NO.  Introduction to XBRL 5  Contents of XBRL 6-7  Applicability of XBRL 8  Advantages of XBRL 9-10  Intro to XBRL Instance document 11  Chart for creating XBRL Instance Document 12  Steps for creating XBRL Instance document 13  Chart for validation of XBRL Instance Document 14  Steps for validating XBRL Instance document 15
  • 3. PARTICULARS PAGE NO.  Definition of Digital Signature 16-17  Basic Requirements 18  Process of Digital signatures 19  DSC Issuing Authority 20  Classes of digital signature 21  Need for Cryptography 22  Cryptography 23  Encryption and Decryption 24  How Cryptography Works 25  Categories of Cryptography 26  Cryptography in Digital Signatures 27
  • 4. PARTICULARS PAGE NO.  Meaning – Digital Certificates 28  Types of Digital Certificates 29-32  Advantages 33  Disadvantages 34
  • 5. Introduction to XBRL XBRL stands for extensible Business Reporting Language. Language for the electronic communication of business and financial data. Provides major benefits in the preparation, analysis and communication of business information. Offers cost savings, greater efficiency and improved accuracy and reliability to all those involved in supplying or using financial data. Being put to practical use in a number of countries. 5
  • 6. What does it contain?  XBRL documents filed by the companies should include the following information reported by the companies as per the existing provisions of law. Information disclosed in the following sections of the Annual Report Balance Sheet Profit and Loss Statement Cash Flow Statement 6
  • 7. Schedules related to Balance Sheet and Profit and Loss Statement Notes to Accounts Statement pursuant to Section 212 of the Companies Act, 1956 relating to subsidiary companies 7
  • 8. Who is it applicable for ?  Following class of companies have to file the Financial Statements in XBRL Form from the year 2010-2011:  All companies listed in India and their subsidiaries, including overseas subsidiaries  All companies having a paid up capital of Rs. 5 Crore and above or a Turnover of Rs 100 crore or above 8
  • 9. Advantages of XBRL Offers major benefits at all stages of business reporting and analysis Benefits are seen in automation, cost saving, faster, more reliable and more accurate handling of data, improved analysis and in better quality of information and decision making Switch resources away from costly manual processes 9
  • 10. Concentrate effort on analysis, aided by software which can validate and process XBRL information 10
  • 11. 2 An XBRL instance document is a business report in an electronic format created according to the rules of XBRL. It contains facts that are defined by the elements in the taxonomy it refers to, together with their values and an explanation of the context in which they are placed. 11
  • 12. Creation of XBRL instance document 12
  • 13. The first step in creation of an instance document is to do tagging of the XBRL taxonomy elements with the various accounting heads in the books of accounts of the company. This would create the mapping of the taxonomy elements with the accounting heads so that the accounting information can be converted into XBRL form. Once the tagging of financial statement elements with the published taxonomy elements is done, the next step is to create the instance document. An instance document is a XML file that contains business reporting information and represents a collection of financial facts and report-specific information using tags from the XBRL taxonomy. Once the instance document is prepared, it needs to be ensured that the instance document is a valid instance document and all the information has been correctly captured in the instance document. Steps for creating XBRL instance document 13
  • 14. Validation of XBRL instance document 14
  • 15.  Once the instance document is prepared, it needs to be ensured that the instance document is a valid instance document and all the information has been correctly captured in the instance document.  There shall be a tool provided at the MCA portal for validating the generated XBRL instance document. Validating the instance document is a pre requisite before filing the balance sheet and profit & loss account on MCA portal. You are required to download the tool from the MCA website and validate the instance document before uploading. There shall also be a facility to view and search the taxonomy.  Once the tool has been downloaded, the next step is to validate the instance document. The following validations shall be performed by the tool-  Validating that the instance document is as per the latest and correct version of taxonomy prescribed by MCA  All mandatory elements have been entered  Other validations as per taxonomy Process of validating XBRL instance document 15
  • 16. 16 INTRODUCTION: DIGITAL SIGNATURE  The authenticity of many legal, financial, and other documents is done by the presence or absence of an authorized handwritten signature  “Digital Signature” is the best solution for authenticity in various fields.  A digital signature is nothing but an attachment to any piece of electronic information, which represents the content of the document and the identity of the owner of that document uniquely.
  • 17. 17 What is digital signature  Hash value of a message when encrypted with the private key of a person is his digital signature on that e-Document.  Digital Signature of a person therefore varies from document to document thus ensuring authenticity of each word of that document.  As the public key of the signer is known, anybody can verify the message and the digital signature.
  • 18. Basic Requirements: The Private Key is one which is accessible only to the signer. It is used to generate the digital signature which is then attached to the message. The Public Key is made available to all those who receive the signed messages from the sender. It is used for verification of the received message. Digital Signature Certificates looks like Pendrive which has software installed for proper working. The Certifying Authorities (CAs) issue digital signature certificates for electronic authentication of users. 18
  • 19. Process of Digital Signature: 19
  • 20. DSC Issuing Authority 20  The Controller of Certifying Authorities (CCA) has established the Root Certifying Authority (RCAI) of India under section 18(b) of the IT Act to digitally sign the public keys of Certifying Authorities (CA) in the country. The RCAI is operated as per the standards laid down under the Act.  The CCA certifies the public keys of CAs using its own private key, which enables users in the cyberspace to verify that a given certificate is issued by a licensed CA.
  • 21. Classes of DSC 21 CLASSES APPLICABILITY ASSURANCE LEVEL Class 1 Certificate Less risky environment Basic Level of assurance Class 2 Certificate Moderate risky environment Moderate Level of assurance Class 3 Certificate High risky (Fraud) environment High Level of assurance
  • 22. Need for Cryptography 22  Confidentiality  Authentication  Non-repudiation
  • 23. What is Cryptography  Cryptography derived its name from a Greek word called “Kryptos” which means “Hidden Secrets”  Cryptography is the practice and study of hiding information  It is the science of converting a plain intelligible data into an unintelligible data and again retransforming that message into its original form 23
  • 24. What is Encryption & Decryption  Encryption is the process of converting plain text into an unintelligible format (cipher text)  Decryption is the process of converting cipher text back into its original form 24
  • 26. Categories of Cryptography Cryptography Symmetric Key Cryptography Asymmetric Key Cryptography 26 Symmetric Key Cryptography Asymmetric Key Cryptography Encryption and decryption using the same key Two different keys are used They key must be kept secret One of the two key must be kept secret Simpler and faster Relatively complex Less secured More secured.
  • 27. Cryptography in Digital Signatures  Digital signatures are primarily used for  Authentication  Non-repudiation 27 Bill(digitally signed) ENCRYP TION DECRYP TION
  • 28. 28 What are Digital Certificates? A digital certificate (DC) is a digital file that certifies the identity of an individual or institution, or even a router seeking access to computer- based information. It is issued by a Certification Authority (CA), and serves the same purpose as a driver’s license or a passport.
  • 29. 29 Types Digital Certificates There are four main types of digital certificates :- Server Certificates Personal Certificates Organization Certificates Developer Certificates
  • 30. 30 Server Certificates Allows visitors to exchange personal information such as credit card numbers, free from the threat of interception or tampering. Server Certificates are a must for building and designing e-commerce sites as confidential information is shared between clients, customers and vendors.
  • 31. 31 Personal Certificates Personal Certificates allow one to authenticate a visitor’s identity and restrict access to specified content to particular visitors. Personal Certificates are perfect for business to business communications such as offering suppliers and partners controlled access to special web sites for updating product availability, shipping dates and inventory management.
  • 32. 32 Organization & Developer Certificates Organization Certificates are used by corporate entities to identify employees for secure e-mail and web-based transaction. Developer Certificates prove authorship and retain integrity of distributed software programs e.g. installing a software on a computer system in most instances requires what is called a “serial key”.
  • 33. 33 Advantages 1. Authentication: By using digital certificates the identity of the entity can be verified. 2. Secure: It assures that the public key belongs to the owner of the certificate an so a secure communication can established for confidential email, e-commerce and online transactions. 3. Integrity: Integrity is guaranteed a long as the CA’s signature on the digital certificate can be verified. 4. It prevents man-in-the-middle attacks, where a malicious user pretends to be the web site that the user wants to connect with.
  • 34. 34 Disadvantages 1. When a certificate authority is compromised, hackers can create websites or send emails that look genuine and pass certification tests, but are actually fraudulent. 2. A browser does not give a warning when a web site changes the certificate. 3. A user has to blindly trust that the developer of the OS has installed genuine root certificates and not fraudulent certificates.
  • 35. 35