Object Signing in Bamboo
NAVAL POSTGRADUATE SCHOOL MONTEREY CA
Pagination or Media Count:
The rapid growth in the Internet has been fueled by an exorbitant number of users, organizations and individuals alike, many relying on e-commerce to conduct business including the transport of files. Public Key Infrastructure PKI technology has emerged to the forefront as the basis for ensuring secure transactions throughout the Internet. However, this technology is prohibitively expensive for the majority of users. Object signing technology, a subset of PKI technology, provides a veritable means for file transfer ensuring non-repudiation, authentication, and content integrity at an amenable cost. This thesis provides an introduction to computer security with a specific focus on PKI and object signing technology. It details the selection and implementation of an object signing system layered on Bamboo, namely Pretty Good Privacy PGP v2.6.2. Procedures for establishing a Key Server for certificate distribution are also illustrated. It also introduces security pitfalls associated with PKI systems and identifies the security weaknesses of this object signing implementation. For further research, recommendations are provided to improve the overall functionality of this security system and the potential impact any such migration may have on current users.
- Computer Systems Management and Standards