Recent news

  • TMCA Workshop 2012

    In Q1 2012, TAB initiated work on eSecurity business challenges and strategies with its business partners and key customers. As part of this, a discussion workshop was held recently outside Kuala Lumpur. The objectives of the workshop were to innovate products and services suited to be introduced to key customers under the Information Exchange drive, and to introduce the latest authentication services by TAB to all present. The workshop outcome was fruitful and gave everyone good insight into the importance of information security. TAB is enthusiastic and confident about working with its key customers to provide them with end-to-end security solutions for their businesses.

     
  • TAB To Become The 3rd CA Provider In Malaysia

     

    MCMC granted TM Applied Business the establishment-stage License as a Licensed Certification Authority (CA) on 15th December 2010. This establishment License is valid until 14th December 2011.

     
  • TM eCert Official Launch


    TM officially launched its eSecurity initiatives, branded as TM eCert, in early February 2009.

PKI - Public Key Infrastructure

Public Key Infrastructure (PKI)

  • ICT is advancing very fast every day, and people today are more frequently engaged with wireless/wireline communications and networks. Information and data security has therefore become very important for establishing a trusted e-world.
  • PKI (Public Key Infrastructure) is widely considered across the ICT environment to be the most reliable and secure method of achieving information and data security on wireless/wired communications and networks.
  • The PKI system uses a pair of mathematically related keys (called a private key and a public key) to encrypt and decrypt confidential information and to generate and verify digital signatures. The main function of PKI is to issue digital certificates (which contain the public key) to users and applications.
  • Digital certificates are now common in various types of eCommerce/mCommerce to protect data and information, such as Internet banking, online stock trading, electronic payment, online shopping and many others.
    • Public-Key Infrastructure (PKI) – PKI is a framework that provides security services to an organization using public-key cryptography. These services are generally implemented across a networked environment, work in conjunction with client-side software, and can be customized by the organization implementing them. All security services provide transparency.
    • Certification Authority (CA) – An entity that issues digital certificates (especially X.509 certificates) and vouches for the binding between the data items in a certificate. An authority trusted by one or more users to create and assign certificates. Certificate users depend on the validity of information provided by a certificate. Thus, a CA should be someone that certificate users trust. A CA is responsible for managing the life cycle of certificates and, depending on the type of certificate and the CPS that applies, may be responsible for the lifecycle of key pairs associated with the certificates.
    • Certificate – A public-key certificate in one of the formats defined by X.509. The certificate contains a sequence of data items and has a digital signature computed on that sequence by the CA, and it associates the public key with its user.
    • Encryption – Cryptographic transformation of data (called "plain text") into a different form (called "cipher text") that conceals the data's original meaning and prevents the original form from being used. The corresponding reverse process is "decryption", a transformation that restores encrypted data to its original form. An encryption certificate is a public-key certificate that contains a public key intended to be used for encrypting data, rather than for verifying digital signatures or performing other cryptographic functions. The private key is used for decrypting data. Encrypting and decrypting data through the use of a public-private encryption key pair is known as asymmetric cryptography. The additional keys used for data security are known as symmetric keys. A symmetric key is used to both encrypt and decrypt data.
    • Digital Signatures – A value computed with a cryptographic algorithm and associated with a data object in such a way that any recipient of the data can use the signature to verify the data's origin and integrity. To achieve these properties, the data object is first input to a hash function, and then the hash result is cryptographically transformed using a private key of the signer. The final resulting value is called the digital signature of the data object. The signature value is a protected checksum, because the properties of a cryptographic hash ensure that if the data object is changed, the digital signature will no longer match it. The digital signature is unforgeable because one cannot be certain of correctly creating or changing the signature without knowing the private key of the supposed signer.
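
    The hash-then-sign process described under Digital Signatures, as an added example that is not part of the original page or of TAB's products. It uses textbook RSA without padding and a constructed demo key so that it runs on the Python standard library alone; production systems use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib

# Constructed demo key (assumption, not from the page): two Mersenne primes keep
# the example reproducible. Primes of this special form are NOT safe for real keys.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                           # public modulus
E = 65537                           # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+)


def digest_int(data: bytes) -> int:
    """Step 1: hash the data object and read the digest as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes) -> int:
    """Step 2: transform the hash result with the signer's private key."""
    return pow(digest_int(data), D, N)


def verify(data: bytes, signature: int) -> bool:
    """Recover the signed hash with the public key and compare it with a
    fresh hash of the data as received."""
    if not 0 <= signature < N:
        return False
    return pow(signature, E, N) == digest_int(data)


def demo() -> dict:
    document = b"Transfer RM 100 to account 1234"   # constructed sample
    tampered = b"Transfer RM 900 to account 1234"   # one character changed
    signature = sign(document)
    return {
        "original": verify(document, signature),
        "tampered_document": verify(tampered, signature),
        "tampered_signature": verify(document, signature ^ 1),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'valid' if ok else 'REJECTED'}")
```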

    Certificate Security Goals

    Confidentiality
    Ensuring that only the intended party is able to read the information.
    Integrity
    Ensuring that the information has not been modified.
    Availability
    Ensuring information is always available as and when needed.
    Authorisation & Accountability
    Controlling access to information and ensuring responsibility.
    Authenticity
    Ensuring the identity of communicating party.
    Non-repudiation
    Ensuring that a party cannot deny his/her involvement in a transaction.
    Privacy
    Ensuring that the identification and information used are kept private.

     

    Value Added Products:

    • eDoc
    eDoc is an application for document security that enables any type of document to be encrypted/decrypted using the public key and private key embedded in digital certificates.

    To use eDoc, both parties (sender and recipient) need to register and download the digital certificate and the application via the Portal.

    eDoc ensures that only authorized users can open the files forwarded to the intended recipients.

    It provides strong data protection by using digital certificates for encryption/decryption.

    It has a user-friendly interface and supports various international cryptography algorithms.

    With eDoc, a registered user is able to:
    • Attach an encrypted file or document via Microsoft Outlook/Exchange.
    • Select any certificate(s) in the recipient list from LDAP. eDoc has flexible grouping that is similar to the MS Outlook address book.
    • Become familiar with the services by going through the online user guides and demo at their convenience.
    • Manage and edit the grouping from the recipient list.
    • Search for certificates in LDAP.
    • Save the encrypted document to any user-selected drive and media.

    • Secure Socket Layer (SSL) Certificate

    SSL secures the communication channel/link to ensure that all data passing between the web server and browser remains private and confidential.
    • It caters for common web servers such as Apache Tomcat and Microsoft Internet Information Services (IIS).
    • It provides a secured channel in two ways:
    - Secured channel between client and server.
    - Secured channel between server and server.

    • The services provided by SSL are as follows:
    - Cross certification.
    - Data Encryption/Decryption.
    - Digital Signature/Verification.

    • eWeb

    eWeb provides data encryption/decryption and digital signature between web and server.
    • It ensures confidentiality for web applications by encrypting and decrypting data to keep it secure during web transactions, and it supports digital signatures.
    • User, client and server certificates are verified based on LDAP and the CPS. Client certificate status is validated via the Certificate Revocation List (CRL).
    • To launch the program, the user runs the ActiveX program that is distributed to the client via the web browser and that includes the Session Manager Module and Client API.
    • The web server program consists of the Server API. Each user's session key information is stored in the user session.
    • User authentication is a certificate-based login. First, the user selects the certificate to be used during the secured Web session, then enters the certificate's password for identity validation.

    • eNet

    eNet authenticates servers and encrypts/decrypts transaction data in a server-to-server environment. It can be applied to various operational environments without customization. This product applies the TLS and SSLv3.0 international standards.

    To learn more about our PKI solution, please email us.