Closed user group PKI in the enterprise security architecture

Gerencsér András <h6389ger@helka.iif.hu>

BKÁE, Információrendszerek Tanszék

Attacks, causing great damages to organisations and their networks in the near past, will inevitably accelerate the reengineering of the IT security measures and the widespread adoption of electronic identity cards predicted for the next years. On the other hand, the PKIs being installed on the basis of the EU ”electronic signature directive” and of the national acts, serve not only the end user awareness of global e-business transactions, but such PKIs support the strong authentication, and the authorisation with single-sign-on on the private networks.

It is advisable to build standardised, transparent PKIs for closed user groups before installing nation-wide CA systems. The first step in the process of organisational IT security architecture planing should be the review of best practices and after that we can begin the real job. A real PKI-CUG will be presented.