Authentication is the process of validate a user’s identity. For strong authentication we use two factors. Something you have, ie the smart card, and something you know, a PIN code. The CA system creates and publishes electronic identities.
Authorization is used to determine who gets access to what. Role-based Access System provides an overview and simplicity in the allocation of user privileges. When a resource is accessed, the user role and rights is controlled.
Confidentiality – by encrypting data on hard disks and during transmission through the network we can protect it from unauthorized reading. Much information is also sent today via email and need to be protected during transport.
Non-repudiation means that we can strongly bind a user or customer to a transaction, thereby creating new and significant opportunities to digitize business processes. Certification procedures, procedural measures,time stamping and other practices that today require the signature can then be implemented in IT systems. Digital signatures and a signed time stamp makes it impossible to deny having carried out the act. While the function is exculpatory – you can not be blamed for something you did not do.
Traceability – a strong identification of the user who makes changes in systems, which are stored in logs and databases are the basis for a successful reconstruction of the events afterwards. To make log information useful in the event of a dispute or incident, it needs to be protected from tampering.
Availability means that with the right business information, systems can be made available to multiple users, customers and partners and from other places such as home or mobile. Customers and partners can be passed on to the same system without the risks incurred. Permissions then decide what you can do in their systems.
Information security with PKI
Authentication is the process of validate a user’s identity. For strong authentication we use two factors. Something you have, ie the smart card, and something you know, a PIN code. The CA system creates and publishes electronic identities.
Authorization is used to determine who gets access to what. Role-based Access System provides an overview and simplicity in the allocation of user privileges. When a resource is accessed, the user role and rights is controlled.
Confidentiality – by encrypting data on hard disks and during transmission through the network we can protect it from unauthorized reading. Much information is also sent today via email and need to be protected during transport.
Non-repudiation means that we can strongly bind a user or customer to a transaction, thereby creating new and significant opportunities to digitize business processes. Certification procedures, procedural measures,time stamping and other practices that today require the signature can then be implemented in IT systems. Digital signatures and a signed time stamp makes it impossible to deny having carried out the act. While the function is exculpatory – you can not be blamed for something you did not do.
Traceability – a strong identification of the user who makes changes in systems, which are stored in logs and databases are the basis for a successful reconstruction of the events afterwards. To make log information useful in the event of a dispute or incident, it needs to be protected from tampering.
Availability means that with the right business information, systems can be made available to multiple users, customers and partners and from other places such as home or mobile. Customers and partners can be passed on to the same system without the risks incurred. Permissions then decide what you can do in their systems.