سال انتشار: ۱۳۸۶
محل انتشار: اولین کنفرانس بین المللی شهر الکترونیک
تعداد صفحات: ۸
Fariborz Ghahremani – Iran Airport Company, Student of M.Sc. In Information Technology Engineering-Electronic Commerce, Shiraz University
Mohammad Reza Davari – Student of M.Sc. In Information Technology Engineering-Electronic Commerce, Shiraz University
The automation of business processes introduces requirements for security services, such as confidentiality, integrity, authenticity, and non-repudiation. A Certificate Policy is a named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements, as defined in X.509. In any organization that operates a PKI, a Policy Authority is required to select or develop and maintain the Certificate Policy. The Policy Authority is generally the same group as that which is responsible for the organization’s information technology security policy. A Certification Practice Statement (CPS) is a statement of the practices that a CA employs in managing the certificates that it issues. The Operating Authority (usually an individual within the IT unit) is responsible for preparing and maintaining the CPS. The CPS should describe how the Certificate Policy is interpreted in the context of the system architecture and operating procedures of the organization.