Thursday, April 14, 2011

Digital Certificate by Razan Muhtaseb

     Nowadays, many of us buy through the net, deal with accounts in banks and book in hotels and airlines via the internet and this require ensuring that the access to these websites is accurate and reliable and free from spyware. This is the subject of my report “The digital Certificate” that is focused on how reliable the person, institution or webpage the page that you enter and share a confidential information through it.
     At the outset, I think that most of you heard about the “Digital Certificate” for the first time, well let me simplify it for you. In our realism life when a person wants to buy something important or to rent a car for example, the seller does not know you and doesn’t trust you at all, so he ask you for a prove of your identity to guarantee his rights, typically you will verify you identity through your ID or passport, and thus you will be trusted and in this case he will rent you a car.
    Digital Certificate has the same idea but in the digital world or in the world of the web, to be reliable source you must hold a digital certificate that certifies you as a trusted source. (The digital certificate issues from companies called Certificate Authorities (CA) these companies are specialized to give these certifications to its appliers, such as VeriSign, entrust and thwate. Digital Certificate contain of these element: your name, a serial number, expiration date, a copy of the certificate-holder's public and the digital signature of the certificate-issuing authority). (Introduction to Digital Certificates 2007)
     Before talking about how can someone obtain a digital certificate there are some elements need to know such as the pair of keys; the public key and the private key. The public key is not secret used to encrypt messages sent to the owner of this key, while the Private Key used by the owner to decrypt messages sent to him. ( Now, how to obtain an authenticated digital certificate, you applies for a digital certificate with a public key from a reliable certificate authority, then the certificate authority will verify your identity and issues a digital certificate with a public key that is published to the public so that they can send you messages). (Petri. D 2009).

    More over the digital certificate has another function; it is also used to provide protection for the data exchanged between the sender and the receiver that is by the encryption process. (The encryption process for the message is important to save the data or information exchanged from other parties, let’s say that Aseel wants to send a  secret message to Sabrine, Aseel will use Sabrine’s public key to encrypt the message then Sabrine will use her private key to decrypt the message to its actual form). (Charles C. Mann)
    In conclusion, I wish to apply this process in the event of you accesses to selling sites or banks and verify it before any process and in the absence of a lock or electronic certificate, do not risk or enter any confidential information.
References:
Petri. D, Obtain a Digital Certificate from an Online Certificate Authority. Available

Introduction to Digital Certificates, VeriSign 2007. Available from:

< http://www.verisign.com.au/repository/tutorial/digital/intro1.shtml>. [23 June, 2007].


Charles C. Mann, Public Key Encryption. Available from:

No comments:

Post a Comment