Accession Number:

ADA377760

Title:

Object Signing in Bamboo

Descriptive Note:

Master's thesis

Corporate Author:

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Personal Author(s):

Report Date:

2000-03-01

Pagination or Media Count:

134.0

Abstract:

The rapid growth in the Internet has been fueled by an exorbitant number of users, organizations and individuals alike, many relying on e-commerce to conduct business including the transport of files. Public Key Infrastructure PKI technology has emerged to the forefront as the basis for ensuring secure transactions throughout the Internet. However, this technology is prohibitively expensive for the majority of users. Object signing technology, a subset of PKI technology, provides a veritable means for file transfer ensuring non-repudiation, authentication, and content integrity at an amenable cost. This thesis provides an introduction to computer security with a specific focus on PKI and object signing technology. It details the selection and implementation of an object signing system layered on Bamboo, namely Pretty Good Privacy PGP v2.6.2. Procedures for establishing a Key Server for certificate distribution are also illustrated. It also introduces security pitfalls associated with PKI systems and identifies the security weaknesses of this object signing implementation. For further research, recommendations are provided to improve the overall functionality of this security system and the potential impact any such migration may have on current users.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE