ZHAW-Logo OAPA-Logo TAT-Logo
zurück  
Diplomarbeit 2004 (DA04): Arbeits-Archiv
 
DA Mpi 04/4 - PKI Workflow -- in theory and practice
Studierende: Daniel Leuenberger, leuendan
  Samuel Leuthold, leuthsam

Betreuer: Eduard Mumprecht, mpre

Data security in a business environment, namely confidentiality and authenticity, can be achieved reliably by using public key cryptographic methods. State-of-the-art tools support both encryption of and signatures to documents. In practice this requires a specific infrastructure to manage keys and certificates.

The concepts of a public key infrastructure (PKI) are not too involved, however its implementation is far from being a straightforward task. In this report we propose ways of how a small to medium-size company can set up a private PKI and use it effectively.

We explain the organisational aspects of a PKI and show the processes to quite some detail. Besides technical matters this encompasses also legal and economical considerations. In a kind of compendium the reader is guided step-by-step through the concrete set up of a complete PKI solution in a Microsoft Windows network environment.

Furthermore the application context is extended to include non-Microsoft systems, i.e. the Mozilla suite (browser, e-mail) and Adobe PDF (signature). The latter is also discussed in light of the possibilities of turning in Swiss VAT statements in electronic form.

zurück