Certificate and Key Storage Tokens and Software - PowerPoint PPT Presentation

Provided by: perryta
Transcript and Presenter's Notes

1
Certificate and Key Storage Tokens and Software
  • Mark Swyers
  • VeriSign, Inc.
  • mswyers_at_verisign.com

2
Key Storage Considerations
  • Many different ways to store a certificate and private key
  • Application will usually dictate the appropriate method
  • Concerns include
    • Security
    • Portability
    • Functionality
    • Usability
    • Manageability
    • Expense

3
Software-Based Certificates
  • Several different software stores
    • Microsoft CAPI
    • Netscape certificate database
    • Macintosh keyring
    • Java keystores
    • Vendor specific
      • VeriSign Personal Trust Agent
  • Pros
    • Browser based, so easy to use
    • Inexpensive
      • No new infrastructure
      • Easy distribution
  • Cons
    • Locks user to desktop
    • Desktop management
    • Cannot control password use

4
PKI Tokens
  • Generally provide greater security than software certificates
    • Can require PINs or passwords, even biometric authentication
    • Keys usually cannot be exported
    • Tokens can be locked in a safe when not in use
    • FIPS (Federal Information Processing Standard) 140 rated
  • Provide better portability than software certificates
    • Can be used on multiple machines while maintaining only one copy of the private key
    • Have the capacity to hold multiple keys and certificates
  • Challenges
    • Typically require installation of drivers
    • May require a separate reader
    • End user acceptance
    • Token lifecycle management: distribution, forgotten/lost/broken tokens
    • Cost

5
Smart Cards
  • Can support multiple forms of access
    • Physical access to building
    • Logical access to workstation
  • Can double as ID card
    • Can print photo and other info
    • Can support a magnetic stripe
  • Requires a reader
    • Contact or contactless (proximity)
  • Examples
    • FIPS 201 standard for HSPD-12
    • DoD Common Access Card
    • DOI Employee ID Cards
    • University ID cards

6
USB Tokens
  • Many form factors
    • PKI only
    • PKI with One-Time Password
    • PKI with OTP and storage
  • Easily portable
    • Ensures tokens travel with user (e.g. when attached to car keys)
    • Most computers have USB ports
  • Better for consumers and when you don't have control over the user environment

7
VeriSign Approach: Flexible Authentication Platform
  • PKI-USB Token
  • Cost-Effective OTP
  • Multi-Function Token (OTP USB Smart Card)
  • Smart Card For Physical Network Access
  • VeriSign Unified Authentication
  • Multi-Function Token with Secure Storage
  • Mobile Devices
  • Soft Certificate And Soft OTP
  • Many Credential Types, One Integrated Platform, One Strategic Vendor