Identity Protection
As identity theft and unauthorized access reach unprecedented levels, businesses and consumers are devising stronger means to safeguard personal identities. Paper records that reveal identities need protection, but the greater vulnerability lies with electronic identities.
Digital certificates are commonly used as proof of identity for access to networks, data and services. The keys tied to certificates are also the basis for digital signatures. Theft of a digital certificate allows substantial opportunity to commit crimes of fraud and unauthorized access. Fraud or forgery using a stolen digital signature is not easy to prove. Further, since a digital certificate could be stolen by making a copy of it, it could take the owner some time to realize a theft had occurred. Therefore, it is extremely important to provide the best possible security around the storage and use of digital certificates. Using Trusted Computing standards for hardware-protected digital certificates provides a safeguard against theft.
Customers interested in deploying digital certificates as identity credentials or signing tools often touch on the following requirements:
The certificate must be properly secured, preferably through a dedicated piece of security hardware.
Access to the certificate must be controlled by the use of strong and flexible authentication.
It must be possible to customize authentication policy for different users and groups of users.
It must be possible to back up and migrate the certificate (and its keys), but it must also be possible to restrict who can do this and under what circumstances.