Strengthening the public key infrastructure in Costa Rica

Abstract

Cryptographic methods have been widely used for digital certificates, electronic signatures and public key algorithms. These elements have been developed in order to provide security mechanism for electronic transactions; by using those elements it is possible to ensure the basic requirements of information security, which are authentication, integrity, privacy, availability and non-repudiation. But security mechanism in order to be legally accepted require regulation and the creation of different actors accomplishing several roles, these elements provide a framework in which transactions can be done safely. Public Key Infrastructure (PKI) has been recognized as the system that can provide that trustworthy environment; it comprises of several actors and activities such as, key management, certificates, certification authorities, registration authorities, etc. This document is a study of the Costa Rican Public Key Infrastructure. It includes general issues related with information security systems, a brief analysis of different techniques currently used to protect information, and focuses in the use of cryptography, digital and electronic signatures and PKI. An analysis of the current status of the PKI of Costa Rican is presented. Also an analysis of the Korean PKI has been done in order to study the way it is integrated, the main policies that Korea has adopted to develop, promote and strength it``s PKI. Based on the study of Korean PKI, some policies and recommendations have been developed with the goal to strengthen the Costa Rican PKI, an initial strategy for promotion of the certificates, policies and actions to be performed by the government of Costa Rica, and mechanisms for cooperation between both countries have included at the end in this document.