Printer Friendly

Are digital certificates secure?

Remaining vulnerabilities should be combined with biometric technology.

Today's Internet infrastructure can facilitate many new industries--and further consolidate national and international business--with the use of digital certificates. In its general definition, a digital certificate is an attachment to an electronic communication used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he claims to be, and to provide the receiver with the means to encode a reply.

Are we putting too much trust in the maintenance and distribution of these certificates? After all, digital certificates are merely identifying a machine and not the user. One clear way to enhance the effectiveness of digital certificates is to combine them with biometric technology. Biometric technology identifies a person based on physical characteristics. A person's face, voice and fingerprint patterns cannot be duplicated and used by anyone else. Adding biometric authentication successfully secures the digital certificate wherever it is stored.

DIGITAL CERTIFICATES--VULNERABILITIES

In order to apply for a digital certificate, you must submit personal information to a certificate authority, much like you would when you apply for a credit card. Once issued, this digital identity, which is usually sent to the owner via e-mail, most likely will not contain your name. You need to upgrade this certificate by visiting a notary and having the information verified. The notary fills out the necessary forms and returns them to the certificate authority. Once this is done, you are issued a digital certificate bearing your name. This digital certificate can now be used for electronic transactions, acting as your signature for documents, such as mortgages, sales contracts and insurance policies.

With the introduction of large enterprises doing business on the Web, executing a deal in a reasonable amount of time (Internet time) using in-person methods is difficult. These digital certificates, however, can be used to legally bind someone in an agreement--quickly and electronically.

One problem with a digital certificate is where it resides once it is obtained. The owner's certificate sits on his computer, and it is the sole responsibility of the owner to protect it. If the owner creates and sends an encrypted e-mail, the recipients to whom the owner's public key has been sent can decrypt and read the message. They can also use his certificate as a means of trusting his signature, and can hold him liable for all claims in his message. If the owner walks away from his computer, others can gain access to it and use his digital certificate to execute unauthorized business.

The best way to address the vulnerabilities of digital certificates is by combining them with biometric technology. The main advantage of biometric technology with digital certificates is that it confirms the actual identity of the sender, rather than the computer. A digital certificate can be released by some form of bioprint before authorization of an electronic transaction takes place, making use of the certificate by someone else almost impossible.

DOUBLE SAFE WITH BIOMETRICS

Every individual has unique characteristics, such as the pitch of his voice and the different points of his face and fingerprints. Another human being cannot duplicate these identifying characteristics. A person's stored voice or face data can be compared to a live sample to identify or verify an individual. The incorporation of these capture devices (camera for face, microphone or telephone for voice, and sensors for fingerprints) are all readily available in today's technology infrastructure.

Before authorization of an electronic money transfer, either from one bank to another or to another account, a digital certificate verified by a form of biometric should be presented. This biometric would effectively secure the digital certificate wherever it is stored.

When an e-mail you are sending needs to contain a confidential attachment, you could use a digital certificate to encrypt the text and prove identity. You should also use a biometric to prove to the receiver that you have authorized the use of that digital certificate. This level of trust will create a confidence in receiving information from trusted parties.

Also, with this further authentication of attachments, e-mail administrators can identify particular attachments containing viruses and easily trace them to the originator who is liable for all damages incurred.

By layering digital certificates with biometric technology, security is enhanced. There is a false sense of security gained when people work strictly with a digital certificate without protection or who might have access to it. A layered approach of digital certificates with biometric technology can offer a more complete solution to making important transactions on the Web.

Hammel is director of product engineering for Keyware Technologies, Woburn, MA.
COPYRIGHT 2000 Nelson Publishing
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2000 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Internet/Web/Online Service Information
Comment:Digital certificates are touted as ideal for E-business transactions, but suffer from vulnerabilities that make relying on certificates alone unwise.
Author:Hammel, Benjamin
Publication:Communications News
Geographic Code:1USA
Date:Dec 1, 2000
Words:772
Previous Article:Your John Hancock goes digital.
Next Article:The rising star of Silicon Hills.
Topics:


Related Articles
IBM/LOTUS JONAH PKIX TO USE CYLINK CRYPTO LIBRARIES.
VeriSign Offers Digital Certificate Fast-Track.
VERISIGN, NOVELL PARTNER TO BUILD TRUSTED INTERNET COMMUNITIES.
PKI Security In The New Extranet Marketplace.
MEDQUIST SELECTS PRESIDEO FOR SECURITY FEATURING VERISIGN.
PKI -- How and Why It Works.
HOT TECHNOLOGY ISSUES in the World of E-COMMERCE.
GUARDIAN DIGITAL DEBUTS ENGARDE SECURE LINUX SERVER OS.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters