Securing Information & Communication through PKI

Note: This course is no longer available.
This page is maintained only for archival purposes.

THE NEED FOR PKI

  • Someone defaces an organization's website and posts anti-national propaganda on the site. The unwitting dissemination of this information renders your Board of Directors and other personnel liable for life imprisonment.How does one prevent such attacks and protect oneself from legal liability?
  • A patient's diagnosis is e-mailed to his doctor who is out of the country. The doctor e-mails the prescription, which is unauthorizedly altered before it reaches the hospital. Due to the wrong medication the patient passes away.How do you prevent such an unfortunate incident of cyber murder?
  • A virus infects your organization networks, and attaches itself to all your outgoing messages. You are now responsible for spreading malicious code and liable to pay crores of rupees.How do you safeguard yourself from such activities that hold you liable without your knowledge?
  • Someone launches an attack on your network bypassing the firewalls and other safety measures installed by you, and steals information valued at crores of rupees.How do you prevent such data theft attacks that cost you money for information stolen and system failure?

Public Key Infrastructure (PKI) answers all these and more.

Simply put, PKI is a system that incorporates the power of asymmetric encryption (and its applications like digital signatures) to ensure the objectives of information security like Privacy, Data integrity, Entity authentication and identification, Message authentication, Signature, Access control, Certification, Time stamping, Witnessing, Non-repudiation, Revocation etc.

The term PKI refers to the laws, policies, standards, and software that regulate the use of asymmetric encryption and its applications for achieving the abovementioned objectives.

BENEFITS OF USING PKI

  • PKI protects your invaluable information resources from any unauthorized access and alteration.
  • PKI mitigates email spoofing and other authentication attacks.
  • PKI is the only legally recognized method of authenticating electronic records.
  • PKI provides information and communication security.

The hardware and software costs for deploying PKI is next to nothing for organizations powered by the Microsoft Windows 2000 operating system.

The built in Certificate Services that are bundled with the Microsoft Windows 2000 Advanced Server, can be used in combination with the Office XP software to deliver a powerful inter and intra organizational PKI. All that you require is adequate consultancy and training.

MISSION OF THE PROGRAM

  • To highlight the need and importance of PKI for information security
  • To create awareness and give practical training on the concepts of encryption and digital signatures.
  • To equip participants with the knowledge necessary to design and deploy a PKI according to organizational requirements
  • To give an insight into a fully integrated security policy that is indispensable for maintaining information security.
  • To enable participants to provide a cost effective security solution for their organizations.

COURSE OVERVIEW

This is an intensive three-day training program in practice and theory suitable for top and middle level management, network and system administrators, consultants, IT and legal professionals.

This program provides an overall view of the various issues involved in the design, implementation and administration of inter and intra-organizational PKI. The program will provide a hands on and practical approach to using digital signatures.

Day 1
Introduction to PKI

  1. Overview of Cryptography
  2. Introduction to PKI
  3. Designing a PKI

 

Day 2
Designing, implementing and administering a PKI

  1. Installing the Windows 2000 PKI
  2. Administrative Functions

Day 3 Practical case study