Abstract

Communications is one of the major domains of cyber security. Private Key Infrastructure (PKI) has become the defacto
standard for encrypting messages between two processes. Using PKI, an autonomous process can use the private key stored on the local machine to encrypt a message and send it to a remote machine. The remote machine can use the public key from the certificate to decrypt the message. A trusted third party Certificate Authority (CA) previously signed a certificate to allow the receiving party to trust that the sender is who they say they are. The same certificate can be used to sign the message to allow the recipient to trust that the message has not been altered. Unfortunately, certificates are issued to machine names, not process identifiers. In this paper, we utilize a secure data store that can validate who a process is to ensure that the certificate is coming from a trusted process.

Published in: International Conference on Information Society (i-Society 2017)

  • Date of Conference: 17-19 July 2017
  • DOI: 10.2053/iSociety.2017.0015
  • ISBN: 978-1-908320-80-3
  • Conference Location: Dublin, Ireland