EssaysForStudent.com - Free Essays, Term Papers & Book Notes
Search

Operating System

By:   •  Study Guide  •  474 Words  •  November 25, 2009  •  951 Views

Page 1 of 2

Essay title: Operating System

PKI BUSINESS VALUE CASE

Background/Purpose

Using electronic methods, such as email, to securely communicate between agencies, departments, vendors, and UCOP will reduce the need for handling paper. All providers accept that they get and send a large amount of paper reports, letters, forms, and data. The problems with this communication are:

· certifying that the communication actually came from that person (student, staff, or faculty) or agency

· certifying that the communication cannot be read by anyone but the intended recipient

· certifying that the communication has not been tampered with

· filing of the communication for purposes such as audit trails, history,

PKI will help address these issues. The term "communication" is used in a broad sense and includes transaction-based communication between humans and machines, machines and machines, and messaging.

Business Objectives

What would PKI enable?

1) Improved security

· Authentication - and its scalability to a wide variety of uses.

· Confidentiality

· Secrecy/Encryption

· Proof that data integrity of document is not compromised

· Non-repudiation

· PKI-enabled smartcards

· Secured file transmission, replacing FTP

· S-MIME/SSL for email encryption end-to-end.

2) Digital Signatures for Workflow - we are already implementing workflow-based applications. Document approval currently manual.

3) Risk management

· If we don't do PKI, what will happen when asked to interface with agencies or service providers that require certificates?

· If we implement PKI, what else can we do that we can't do today?

· What about 5 year old documents and audits? How do we prove who acted and how?

4) Process simplification and operational cost reduction while improving customer service

· Single-signon simplifies the user experience

· Less helpdesk time on username/password management

· Simplification of network and application access administration

· More efficient physical access administration if smart cards are used with PKI.

· Improved disaster recovery - PKI VPN allows more secure remote access in case workers can't physical get to the campus.

· Customization of ASP or vendor solutions is unnecessary if an industry solution, such as PKI is available. Webauth, a solution used at UC Irvine is too proprietary to ask vendors to customize their authentication with.

5) Regulatory compliance - ie: Government regulations on secrecy, patent protection, HIPPA

Download as (for upgraded members)  txt (3.8 Kb)   pdf (85.4 Kb)   docx (12 Kb)  
Continue for 1 more page »