In order to deploy e-commerce, forms of identity authentication through the Internet should be used effectively, creating credibility for users. Certificates have been one of the most effective authentication tools for the eCommerce industry. Vietnamnet Brief introduction to the technology base and practical applications of this tool.
Why use a digital certificate?
Today, communication over the Internet is becoming an urgent need. Information on the Internet is very important, such as account number, confidential information ... However, with the sophisticated tactics, the risk of information stolen over the network is also increasing. Now communicate over the Internet mostly using the TCP / IP protocol. This is a protocol that allows information to be sent from one computer to another Communication through a variety of intermediaries or separate networks. This has created opportunities for high-tech thieves to take action illegal . The information transmitted on the network can be eavesdrop (Eavesdropping) fake (Tampering) Impersonation (Impersonation) . Current security measures, such as using passwords, are not guaranteed as they can be eavesdropped or scanned quickly.
Therefore, For the sake of security, the information transmitted on the Internet today tends to be encrypted. Before transmitting through the Internet, the sender encrypts the information, during the transmission, even if the information is "blocked", the thief can not be read because of encryption. Upon reaching the destination, the recipient will use a special tool to decrypt. The most popular encryption and encryption method in the world is the Digital Certificate. With digital certificates, the user can Information encoding effectively, anti-counterfeiting (allowing the recipient to check if the information has changed), accuracy the identity of the sender. In addition, the certificate is proof help anti denial of origin Prevents the sender from disputing the source of the material he or she has submitted.
An index is an electronic file used to verify the identity of an individual server , a company ... on the Internet. It's like a driver's license, passport, ID card or personal identification documents.
In order to have a ID card, you must have a local ID. The certificate must also be certified by an organization these Your information is exactly, called Supplier of digital certificates Certificate Authority, abbreviated as ). CAs must ensure reliability and take responsibility for the accuracy of their digital certificates.
The certificate contains three main components:
- Personal information of the grantee
- Public Courses ( Public key ) of the grantee
- Digital signature of CA certificate
Personal information:
This is the information of the certificate holder, including name, nationality, address, telephone, email, organization name, etc. This section looks like the information on each person's ID.Public keys
In cryptography, a public key is a value that is given by the authentication provider as an encryption key, combined with a single private key generated by the public key to form a key pair. asymmetrical.The operational principle of the public key in the digital certificate is that the two parties must know each other's public key. Party A wants to send to party B, it must use public key of party B to encode information. Party B will use his personal key to open the information. Asymmetry in coding is expressed in A private key can decrypt data encrypted with a public key (in the same pair of keys that an individual owns), The public key is not capable of decrypting the information , including those encrypted by the public key itself. This is a necessary feature since many individuals B, C, D ... can carry out a transaction and have a public key of A, but C, D ... can not decipher the information B send to A even if you have caught the packet sent out on the network.
In a sense, if a digital certificate is a people's identity card, the public key acts as your identity on the identification card (including the name, address, photo ...) Your personality is your face and fingerprints. If an item is considered to be transmitting information, is & quot; encrypted & quot; By your address and the name of the recipient, whether someone uses your ID card for the purpose They also did not have postal parcels because their face and fingerprints were not the same.
Digital signature of CA certificate:
Also called the original certificate. This is the certification of the CA, ensuring the accuracy and validity of the certificate. To check a digital certificate, first check that the digital signature of the CA is valid. On your identity card, this is the stamp of your provincial or city police office. In principle, when checking your identity card, it is first necessary to look at this seal, to know if the identity card is tampered with or not.
In digital authentication management systems in the world, the Certificate Authority (CA) is an organization that issues and manages secure authentication content on a computer network. , and public keys to encrypt information. As part of the public key infrastructure (PKI), a CA will control with a registered authority (RA) to verify information about a digital certificate Request authentication issued. If RA confirms the information of the person to be authenticated, the CA will then issue a certificate.
Depending on the implementation of the Public Key Infrastructure, the digital certificate will include the public key of the owner, expiry date of the certificate, name of the owner and other information about the public key. declare.
Public Key Infrastructure - PKI
A public key infrastructure (PKI) allows users of a non-secure public network, such as the Internet, to exchange data and money securely through the use of a public key pair and Individuals are issued and used through a credible credential provider. The public key platform provides a digital certificate that is used to authenticate an individual or organization, and directory services can be archived and, when necessary, revoked. Although the basic components of PKI are commonplace, some vendors want to offer different PKI standards. A common standard on PKI over the Internet is also under construction.
A public key infrastructure includes:
- A Digital Certificate Provider (CA) specializes in providing and verifying digital certificates. A certificate includes a public key or public key information
- A Registration Authority (RA) acts as an examiner for a CA before a certificate is issued to the requester.
- One or more directories where digital certificates (with their public key) are stored for the public's search and retrieval needs to perform digital authentication.
- A certificate management system
A Registration Authority (RA) is a verifier on a computer network, verifying the user's requirements for authenticating a digital certificate, and requesting the CA to produce a result. Remote Access is a part of the PKI public key infrastructure, a system that allows companies and users to exchange secure financial information and activities.
Benefits of digital certificates
Encoding
The first benefit of digital certificates is the confidentiality of information. When the sender has encrypted the information with your public key, You can only decrypt the information to read. In the process of transmitting information over the Internet, even if the encrypted packets are read, the bad guys do not know what the packet is. This is a very important feature, giving the user complete confidence in the ability to secure information. Highly confidential information exchanges, such as interbank transactions, e-banking, credit card payments, require digital certificates to ensure security.
Digital Certificate Management System VASC-CA
VASC-CA is the first digital certificate provider in Vietnam with the following solutions: - Personal Certificate VASC-CA: Helps to encrypt information, secure e-mail, use electronic signature, authenticate with a web server through SSL protocol. - SSL certificate erver VASC-CA: Helps secure the exchange of information on the website, authenticates the user with SSL, maintains authentication, anti-forgery, allows payment by credit card, prevents password hackers. Certified software developer VASC-CA: Counterfeiting
When you send out an information, it can be a data or an email, using a digital certificate, The recipient will check whether your information has been changed. Any modification or replacement of the contents of the original message all will be detected . Your email address, domain name ... can be bad guys to fake to deceive the recipient to spread the virus, stealing important information. However, the digital certificate can not be faked, so the exchange of information is accompanied by the certificate is always secure.Accuracy
When you send a certificate, the recipient - whether a business partner, an organization, or a government agency - will identify your identity. That means, though not seeing you, but through the digital certificate system that you and the recipient use, the recipient will know for sure that it is you, not someone else. Authentication is a very important feature in the implementation electronic transactions Internet, as well as administrative procedures with the jurisdiction. These activities need to verify the sender of the information to use the legal entity. This is the basis of one E-government The environment allows citizens to communicate, perform administrative tasks with state agencies completely over the network. It can be said that digital certificates are an integral part of e-government.Denial of origin
When using a digital certificate, you are solely responsible for the information that the digital certificate contains. In case the sender denies any information that is not sent by him (such as an order online), the number of certificates received by the recipient will be the proof that the sender is the author. of that information. In the case of a denial, CAs provide digital certificates to the two parties who will be responsible for verifying the source of the information, proving the source of the information to be sent.Electronic Signature
Email plays an important role in our daily exchange of information because of its fast, cheap and easy-to-use features Messages can be sent quickly, over the Internet, to customers, colleagues, suppliers and partners. However, email is very vulnerable to hackers. Messages can be read or spoofed before reaching the recipient.
By the use of personal certificate , you will prevent these threats but still not reduce the advantages of email. With a personal certificate, you can create one Electronic Signature by email as a confirmation of his. Electronic signatures also have information authentication features, data integrity and denial of origin.
In addition, the personal certificate also allows users to authenticate themselves with web server via SSL security protocol . Authentication based on digital certificates is considered to be better, more secure and secure than traditional password-based authentication methods.Website security
When your Website is used for ecommerce purposes or for purposes Other important information exchanged between you and your customers may be revealed To avoid this risk, you can use SSL Server certificate to secure your Website.SSL certificate erver will allow you to c configuration Website of myself By SSL protocol (Secure Sockets Layer) . This type of certificate will provided for Website of The unique identifier is intended to assure the customer of the authenticity and legality of the Website. SSL certificate The erver also allows for secure and confidential information exchange between Website with customers, employees and partners Through SSL technology which highlights are the following features:
Make purchases by credit card
1 AzSoft_watermark_big.png AzSoft_watermark_small.png cong-nghe?p=1 des.txt en_metadesc.txt en_name.txt getpageinfo.sh getpagelink.sh imglink.txt imglist.txt img.quantrimang.com label:Some Text link_original.txt link.txt log.txt meta_desc.txt name.txt news t-142619 testimg2-0.jpg testimg2-1.jpg testimg2.jpg testimg3.jpg testimg.jpg thumb tim-hieu-excel-2016-200.jpg title_vn.txt tmp02.html tmp03.html tmp2.html tmpdesc2.txt tmpdesc3.txt tmpdesc4.txt tmpdesc5.txt tmpdesc6.txt tmpdesc7.txt tmpdesc.txt tmp.html tmpresult.txt tmptrans.txt transresult.txt wm.quantrimang.com www.mailenable.com www.microsoft.com www.securityfocus.com Protect sensitive personal information of customers
Make sure the hacker can not find the password
m security software
If you are a software developer, you will definitely need the "anti-counterfeit stamp" for your product. This is an indispensable tool in applying form owns the copyright. Certificate of Software Developer will allow you to sign the applet, script, Java software, ActiveX control, EXE files, CAB, DLL ... Thus, through digital certificates, you will Ensure the legality as well as the origin of the product. Moreover, product users can authenticate are you Vendor , detected the change of program (due to accidental or broken by virus, crack and smuggling ...).With security and authentication benefits, digital certificates are now widely used in the world as a tool to verify the identity of parties in e-commerce transactions. This is a standard technology platform around the globe, although there are a number of different digital authentication policies in each country. Every country needs to have local CAs to take initiative in digital authentication activities in the country. But in addition, if countries want to implement e-commerce beyond the borders, countries must also follow common technology standards, and cross-validate, exchange and recognize each other's CAs. These are also important factors for a country in the process of e-commerce development as Vietnam.
