DigiNotar Security Breach

1582 Words7 Pages
3.1 Expert Talk A fake security certificate can result in monitoring of communication across websites or redirecting users to fake websites. However for hackers to pass off their certificates, ‘they require to pass the network traffic through the servers, which are controlled by them. This can be can by Internet Service Provider or by “alleged” governments who might own these Internet Service Providers. Technology experts have cited numerous reasons to believe that the Iranian government cooperated with the government and the hackers were also based in Iran. It was thought to be a spying attempt on dissidents. The director of an online civil liberties group, Bits of Freedom, Ot van Daalen, said that the nationalist slogans contained on certificates along with the messages on the website of DigiNotar left by hackers clearly denote the involvement of Iran. It was hinted by Van Daalen that the DigiNotar incident would definitely lead to authentication technology’s reforms’ [29]. 4. Analyzing the broader context The DigiNotar disaster was like an eye-opener for the world and resulted in repercussions in different parts of the world especially the affected users of Iran. It was an unfortunate example of how the Internet enables the fallacies of one part of the world to effect users in other parts of the world. 4.1 How Trust is build and maintained on the Internet? In the wake of current security incidents like the DigiNotar security breach, trust is one of the most important factors for ‘building the credibility of an organization and for protecting as well as controlling their assets’ [4] As per the MSNBC, the world of web trusts is “endangered”[5] by the cracking of the digital certificates. Security professionals constantly need ... ... middle of paper ... ...expenses and maintaining clear financial reports’[10] Corporate governance comprises of other kinds of sub-governances like governance of: - • Human Resources (Employee Management) • Information Technology (comprises of information security governance as well) • Finances • Risk Fig 3. Few Elements of the Corporate Governance Framework [12] The corporate governance domain is usually dependant upon some baseline requirements, which help in ensuring a certain necessities for the management of the business. For the Certificate Authorities, these baseline requirements provide a combination of functionalities, technologies, management processes, audit guidelines and identity controls, which would help in management for the trusted digital certificates, since they are widely trusted by the public due to the virtue of their corresponding root Certificate Authorities.

More about DigiNotar Security Breach

Open Document