Ensuring CIA triad using EJBCA solution digital certificate trust model
View/ Open
Date
2022-05Publisher
Brac UniversityAuthor
Ferdous, JannatulMetadata
Show full item recordAbstract
At present ensuring confidentiality, integrity and availability of information is a
big challenge. Cyber-attacks such as man in the middle attack, eavesdropping,
spoofing is commonly known inside threats. Leakage of information often results
in devastative financial losses as well as loss of company profile. Our project has
addressed the above mentioned problem. In order to address and solve this problem
we have demonstrated an architecture of secure infrastructure which shall encrypt
the communication between user and web application. We have implemented a
Public Key Infrastructure solution which is a set of roles and policies to create,
manage, distribute, use, store and revoke digital certificates and manage public-key
encryption. In the absence of digital certificate, an entity will not be trusted by
the web applications and thus it will not get access to the web site. The project
consists of web application, an infrastructure which will generate digital certificate
based on institutional requirement and algorithmic strength to ensure CIA between
user and web application. To proof that CIA is ensured in our architecture we have
demonstrated an exercise which we have described in this paper.