Diploma Thesis roundup
It's over, finally! We handed in our diploma thesis at 1pm this afternoon. Normally I'm not the guy who postpones everything to the last second; nevertheless, I only ended up in bed at 4am/3am the last to nights. Compared to others, who have been working straight for 36 hours, that's not too bad though, at least I got a couple of hours of sleep. Still, I'm dog-tired right now.
In case you've been wondering what kept me busy for the last eight weeks you can scan our abstract:
"Implementation of a Certification Authority for ZHW
The awareness of information security has increased tremendously in the last couple of years. The most widely used standard to achieve this security is X.509 which uses certificates with a strict hierarchical trust model. However, to ensure a smooth implementation within an organisation, every individual needs to own such a certificate, the certificates have to be easily accessible and the issuing Certification Authority (CA) must be trusted by all parties.
Thus it is the goal of this thesis to implement a CA for a department of the ZHW and enable the employees to send encrypted and signed email messages. Workflows, processes and different application possibilities will be evaluated, taking into account the needs of the target group.
The result is the IKT Certification Authority, a fully integrated solution which provides certificates to all members of the IKT department and is based on EJBCA, an open source CA. The handling and presentation were adapted to suit the ZHW environment. Certificates are stored on secure crypto tokens which perform all cryptographic operations and are protected by an access code, thus preventing misuse.
Not only defining optimal processes deserved our full attention, but also implementing the user portal was vital. The main reason why implementing security solutions fail is not the missing technology, but inferior usability in the application logic. Therefore we focus on easy usability and well structured workflows. An important part in gaining the trust of users is due to the attractiveness of the portal which adheres to the corporate identity.
The authors firmly hope that this thesis lays a solid foundation for a future extension of the user base to the whole ZHW. Furthermore we hope to show that the implementation of a Public Key Infrastructure is not reserved to big companies and is feasible using open source software."
Links to this post: