Ensuring CIA triad using EJBCA solution digital certificate trust model

Thumbnail
View/Open
Date
2022-05
Publisher
Brac University
Author
Ferdous, Jannatul
Metadata
Show full item record
URI
http://hdl.handle.net/10361/24779
Abstract
At present ensuring confidentiality, integrity and availability of information is a big challenge. Cyber-attacks such as man in the middle attack, eavesdropping, spoofing is commonly known inside threats. Leakage of information often results in devastative financial losses as well as loss of company profile. Our project has addressed the above mentioned problem. In order to address and solve this problem we have demonstrated an architecture of secure infrastructure which shall encrypt the communication between user and web application. We have implemented a Public Key Infrastructure solution which is a set of roles and policies to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. In the absence of digital certificate, an entity will not be trusted by the web applications and thus it will not get access to the web site. The project consists of web application, an infrastructure which will generate digital certificate based on institutional requirement and algorithmic strength to ensure CIA between user and web application. To proof that CIA is ensured in our architecture we have demonstrated an exercise which we have described in this paper.
Keywords
Confidentiality; Integrity and Availability (CIA); Certificate Authority (CA); Public Key Infrastructure (PKI); Certificate Signing Request (CSR); Data encryption standard; Trusted third party
 
LC Subject Headings
Computer security
 
Description
This thesis is submitted in partial fulfillment of the requirements for the degree of Master of Science in Computer Science, 2022.
 
Cataloged from PDF version of thesis.
 
Includes bibliographical references (page 23).
Department
Department of Computer Science and Engineering, Brac University
Type
Thesis
Collections