Short note on :- 1) DIGITAL CERTIFICATE , 2) CERTIFICATION AUTHORITY (CA) , 3) THIRD-PARTY AUTHENTICATION

-

1)  DIGITAL CERTIFICATE 

  • Electronic credentials are used to assert the online identities of individuals, computers, and other entities on a network. 
  • Function similarly to identification cards such as passports and driver's licenses.  Most commonly they contain a public key and the identity of the owner. 
  • They are issued by certification authorities (CAs) that must validate the identity of the certificate-holder both before the certificate is issued and when the certificate is used. 
  • Common uses include business scenarios requiring authentication, encryption, and digital signing. 
  •  Based on the X.509v3 certificate standard. 
- X.509v3 stands for version 3 of the International Telecommunication Union Telecommunication Standardization Sector (ITU-T) recommendation X.509 for certificate syntax and format. 
  • Typically, digital certificates contain the following information: 

-  The subject’s public key value 

-  The subject’s identifier information, such as the name and email address

 -  The validity period (the length of time that the certificate is considered valid) 

-  Issuer identifier information 

-  The digital signature of the issuer, which attests to the validity of the binding between the subject’s public key and the subject’s identifier information 

PROCESS TO OBTAIN DIGITAL CERTIFICATE 

  • One can obtain a certificate for your business from commercial CAs. 
  • The Issuing entities of commercial CAs provide certificates with a cost. 
  • Users can generate a Keypair of their own and generate a Certificate Signing Request (CSR) and then send the CSR to Issuing CA for a certificate.



  • CSR contains the public key of the user and user identity information in a format that issuing CAs would normally expect as shown in the figure above.


2)  CERTIFICATION AUTHORITY (CA) 

  •  A Certificate Authority (CA) is a trusted institution/agent that issues digital certificates that contain a public key and the identity of the owner. 
  • The matching private key is not made available publicly but kept secret by the end-user who generated the key pair. 
  • The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server, or other entity noted in the certificate. 
  • A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates. 
  •  CAs use a variety of standards and tests to do so. In essence, the Certificate Authority is responsible for saying "yes, this person is who they say they are, and we, the CA, verify that". 
  • If the user trusts the CA and can verify the CA's signature, then he can also verify that a certain public key does indeed belong to whoever is identified in the certificate. 
  • Browsers maintain a list of well-known CAs root certificates. 
  • Aside from commercial CAs, some providers issue digital certificates to the public at no cost. 
  • Large institutions or government entities may have their own CAs. 


3)   THIRD-PARTY AUTHENTICATION 

  • In third-party authentication systems, the password or encryption key itself never travels over the network. Rather, an "authentication server" maintains a file of obscure facts about each registered user.
  • At the log-on time, the server demands the entry of a randomly chosen fact— the mother's maiden name is a traditional example—but this information is not sent to the server.
  •  Instead, the server uses it (along with other data, such as the time of day) to compute a token. The server then transmits an encrypted message containing the token, which can be decoded with the user's key. 
  • If the key was properly computed, the user can decrypt the message. The message contains an authentication token that allows users to log on to network services.

Comments

Post a Comment

Popular posts from this blog

What are different steps used in JDBC? Write down a small program showing all steps.

-
 T he fundamental steps involved in the process of connecting to a database and executing a query consist of the following: Import JDBC packages. Load and register the JDBC driver. Open a connection to the database. Create a statement object to perform a query. Execute the statement object and return a query resultset. Process the resultset. Close the resultset and statement objects. Close the connection. These steps are described in detail in the sections that follow. 1. Import JDBC Packages This is for making the JDBC API classes immediately available to the application program. The following import statement should be included in the program irrespective of the JDBC driver being used: import java.sql.*; Additionally, depending on the features being used, Oracle-supplied JDBC packages might need to be imported. For example, the following packages might need to be imported while using the Oracle extensions to JDBC such as using advanced data types such as BLOB, and so on. import o...
Read more

Explain Parallel Efficiency of MapReduce.

-
Image
 PARALLEL EFFICIENCY OF MAP-REDUCE It is worth trying to figure out what is the parallel efficiency of MapReduce. Now let us assume that the data produced after the map phase is σ times the original data size D (σD), further, we assume that there are P processors which in turn perform map and reduce operations depending on which phase they are used in, so we do not have any wastage of processors. Also, the algorithm itself is assumed to do wD useful work, w is not necessarily a constant it could be D^2 or something like that, but the point is that there is some amount of useful work being done even if you have a single processor and that's wD. Now let us look at the overheads of doing the computation wD using MapReduce. After the map operation, instead of D data items, we have σD data items in P pieces, so each mapper writes data to their local disk. So, P there is some overhead associated with writing this data. Next, this data has to be read by each reducer before it can begin ...
Read more

Suppose that a data warehouse for Big-University consists of the following four dimensions: student, course, semester, and instructor, and two measures count and avg_grade. When at the lowest conceptual level (e.g., for a given student, course, semester, and instructor combination), the avg_grade measure stores the actual course grade of the student. At higher conceptual levels, avg_grade stores the average grade for the given combination. a) Draw a snowflake schema diagram for the data warehouse. b) Starting with the base cuboid [student, course, semester, instructor], what specific OLAP operations (e.g., roll-up from semester to year) should one perform in order to list the average grade of CS courses for each BigUniversity student. c) If each dimension has five levels (including all), such as “student < major < status < university < all”, how many cuboids will this cube contain (including the base and apex cuboids)?

-
Image
a) A Snowflake Shema is shown in figure below: b) The specific OLAP operations to be performed: 1. Roll-up on course from course_id to department. 2. Roll-up on a student from student_id to university. 3. Dice on course, student with department ="CS" and university = "biguniversity" 4. Drill-down on a student from the university to student_name. c) N = 4 dimensions The cube will contain 54 = 625 cuboids.
Read more