A company is executing a strategy to encrypt and sign all proprietary data in transit. The company recently deployed PKI service
1 answer:
Answer:
A. S/MIME
B. TLS
C. Kerberos
Explanation:
PKI : Public Key Infrastructure is a technique which will allow services or applications to communicate securely across the unsecured network or internet.
PKI mainly consist of CA or Certificate Authority who can issue digital certificates or they are also known as trusted CA. exmaples are godaddy, digicert, verizone, symmantec, etc.. and RA also known as Registration Authorities and they verify if the requested certificates can be stored at CA. Keys will be stored in the central directory.It will also consists of certificate management system and the policies governing PKI.
S/MIME : Secure/Multipurpose Internet Mail Extensions which use assymentric cryptography and sign the MIME data. S/MIME will provide services like Authentication, Encryption , Integrity, Privacy and Non repudiation for messaging applications
SMIME uses certificates which can be self signed or CA certified. It specifies MIME type as while transmitting the data.
TLS : Transport Layer Security. the earlier versions used to be known as SSL ( Secure Socket Layer) SSLv3 got depreciated and TLSv1.2/1.3 are popularly used to provide encryption, authentication, Integrity and Hashing for client to server side communication.
Most of the applications communicate securely using TLS. They will establish secure TCP connection using SSL Handshake. During the Handshake they will exchange supported versions, ciphersuites and certificates. Applications which uses TLS always uses CA certificates and Inhouse applications can communicate using self signed certificate or even with CA certificates.
HTTPS which is also known as HTTP over SSL is widely used for almost all the web services to communicate securely across the internet.
Kerberos : It is a protocol used to prove the identity for two nodes which are communicating with each other. Kerberos uses both symmetric key cryptography and assymetric key cryptography. However, symmetric key cryptography is used widely and public key cryptography is used optionally.
Authentication server which is also known as AS is used to authenticate the requesting client. It further forwards the user credentials to key distribution center. KDC further issues to TGT ( ticket granting ticket) and it uses TGS's secret key to encrypt. User will receive a encrypted output.
When a User Login then The client authenticates itself to the Authentication Server (AS) which forwards the username to a key distribution center (KDC). The KDC issues a ticket-granting ticket (TGT), which is time stamped and encrypts it using the ticket-granting service's (TGS) secret key and returns the encrypted result to the user's workstation. Sessions will be renewed and managed by users session manager.
You might be interested in
Answer:
Following are the difference to this question:
Explanation:
IPv4:
The is uses the packet changed method, that is a Link Layer networks(like Ethernet). It has 4.3 billion addresses capacity. It uses the 32-bit logical device address, that written in decimal language.
It is divided by 4 bytes E.g. 192.168.1.1
The host part and network part are 2 parts. For a network, the host part may vary, while for the entire subnet, the network part remains equal. The scheme of 232 addresses is available on application depends on security.
IPv6:
The IPv6 is used in the internet protocoland it is higher than IPv4. It can provide endless number Opf addresses, and use to solves the problem of IPv4 exhaustion and satisfies the demand for rising networking.
IPv4 Substitutor Built to meet more IP address requirements. In the Logical address of 128-bit Written hexadecimally and with colons divided, and the Space of 128 addresses are required. IPsec is an integrated security feature.