Question

What do we mean by security certificate. Please explain with examples.

Please explain the examples the business challenges of implementing encryption.

atleast 250 words

Answer 1

1.

SSL/TLS use public and private key system for data encryption and data Integrity.

Public keys can be made available to anyone, hence the term public.

Because of this there is a question of trust, specifically:

How do you know that a particular public key belongs to the person/entity that it claims.

For example, you receive a key claiming to belong to your bank.

How do you know that it does belong to your bank?

The answer is to use a digital security certificate.

A certificate serves the same purpose as a passport does in everyday life.

A passport established a link between a photo and a person, and that link has been verified by a trusted authority (passport office).

A digital certificate provides a link between a public key and an entity (business,domain name etc) that has been verified (signed) by a trusted third party ( A certificate authority)

A digital certificate provides a convenient way of distributing trusted public encryption keys.

2.

Enterprise organizations are encrypting more of their network traffic. This is a mixed blessing in that it can protect data confidentiality and integrity but it also opens a camouflaged threat vector back into the organization. To address this risk, a majority (87%) of organizations decrypt and then inspect SSL/TLS traffic looking for things like reconnaissance activity, malware, and C2 communications.

Over the past five years, many organizations have slowly increased their use of SSL/TLS in homegrown web applications and adopted cloud-based SaaS applications instrumented with Layer 5/6 encryption. As this occurred, security and network professionals followed on, implementing a variety of SSL/TLS decryption and inspection tools on various network segments and multiple locations across global enterprise networks. This resulted in rather haphazard SSL/TLS decryption and inspection performed by an army of technologies and operational processes/procedures.

Decrypting/inspecting SSL/TLS traffic has also created a number of challenges for security and networking teams. For example, 26% of security professionals claim that it is difficult to integrate SSL/TLS encryption/decryption technologies with assorted network security packet filtering technologies, 24% say that the networking team is suspicious of any technology that may impact/disrupt the network, and 22% point to collaboration problems between the networking and infosec teams at their organizations.