You are the Information Security Officer at a small software company. The organization currently utilizes a Microsoft Server 2008 Active Directory domain administered by a limited number of over-tasked network administrators. The remainder of the organization comprises mostly software developers and a relatively small number of administrative personnel. The organization has decided that it would be in its best interest to use a public key infrastructure (PKI) to provide a framework that fosters confidentiality, integrity, authentication, and nonrepudiation. Email clients, virtual private network products, Web server components, and domain controllers would utilize digital certificates issued by the certificate authority (CA). Additionally, digital certificates would be used to sign software developed by the company to demonstrate software authenticity to the customer.
Write a two to three (2-3) page paper in which you:
Identify and analyze the fundamentals of PKI.
Analyze positive and negative characteristics of a Public and In-house CA.
Provide a sound recommendation for either a Public CA or an In-house CA.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Explain how businesses apply cryptography in maintaining information security.
Use technology and information resources to research issues in information systems security.
Write clearly and concisely about network security topics using proper writing mechanics and technical style conventions.