Installing, Configuring, & Managing Windows 2000 Certificate Authorities

The rapid growth of Internet use has given rise to new security concerns. Any company that does not configure a strong security infrastructure is putting itself at risk. Organizations today rely on networks for access to information. These range from internal networks to the Internet. Access must be configured to provide information to other organizations that request it. In the past, Windows NT provided user security through account names and passwords. At logon, every user had to submit credentials that were compared against a server's database for authentication. The matching of the username and password identified the user but failed to identify the corporate server. This environment allowed many man-in-the-middle (MITM) attacks. Windows 2000 now includes new security features that prevent MITM attacks. The new security features include the components that create the public key infrastructure. This security is based on the use of public key pairs. The secret key method of encryption uses a single key to encrypt and decrypt information. Secret key encryption quickly encrypts a large amount of data and is sometimes referred to as symmetric key cryptography. However, the disadvantage of secret key encryption is that a secure method must be in place for the parties to exchange the one secret.