Installation, configuration and operational testing of a PKI certificate server and its supporting services /
Public key infrastructure (PKI) was created to provide the basic services of confidentiality, authenticity, integrity and non-repudiation for sensitive information that may traverse public (un-trusted) networks. This thesis provides a brief description of the background and functional components of a PKI, and then "builds" a PKI to be used for research at the Naval Postgraduate School (NPS). Deficiencies of this PKI with respect to DoD PKI policy are delineated. The thesis addresses details of software selection, installation, configuration and operation; using Netscape's Certificate Management System as its Certificate Authority application of choice. The functionality of this PKI was validated by testing all major certificate lifecycle events (creation, archival, revocation, validation, etc.) All but two of these tests were successful-key escrow and revocation checking-and thus these two remain to be addressed by further work to make the NPS PKI fully functional.
School:The United States Naval Postgraduate School
School Location:USA - California
Source Type:Master's Thesis
Keywords:public key infrastructure computer security cryptography networks
Date of Publication: