X.509 Certificate Policy for the United States Department of Defense

Abstract

The United States Department of Defense (DOD) is developing a Key Management Infrastructure (KMI) to provide engineered solutions (consisting of products and services) for security of networked computer-based systems. Part of this KM is a Public-Key Infrastructure (PKI), consisting of products and services which provide and manage X.509 certificates for public-key cryptography. Certificates identify the individual named in the certificate, and bind that person to a particular public/private key pair. Programs which carry out or support the mission of the US DOD require services such as authentication, confidentiality, technical non-repudiation, and access control. These services are met with an array of network security components such as workstations, guards, firewalls, routers, in-line network encryptors (I NE), and trusted database servers. The operation of these components is supported and complemented by use of public-key cryptography. As a system solution, the components share the burden of the total system security. The use of public key certificates does not add any security services in a poorly designed or implemented system.

Document Details

Document Type

Technical Report

Publication Date

Dec 13, 1999

Accession Number

ADA391534

Entities

Tags