Through extensive use of digital certificates, b2een provides the highest security standards.
The three-layer security protocol implemented by b2een performs:
- digital signature
- data integrity / non-repudiation
What is a Digital Certificate?
A digital certificate (or public key certificate) is an electronic document that is used to establish the identity / credentials of a party when performing electronic transactions. It is the digital equivalent of an ID card used in conjunction with a public key encryption system.
A digital certificate is issued by a certification authority (CA). It contains the name of the specific account/user being identified, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and verifying digital signatures), and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. The certification authority can revoke a given certificate at any time.
How are Digital Certificates handled in b2een?
b2een takes care of digital certificate generation, distribution and use. All those actions take place behind the scenes and do not require any knowledge from b2een users.
Each b2een peer is equipped with multiple certificates:
- one issued during the registration process, which allows the peer to be identified by the b2een Registration Server
- one per Community to which the member is subscribed
Any information exchange between two b2een peers or between a b2een peer and a b2een infrastructure server (a Community server, for example) is signed and encrypted using digital certificates.
b2een uses standards-based encryption algorithms.
Digital signature with b2een
Digital signature ensures authentication, which is key to secure exchanges; only messages from authorized senders are accepted by the receiver.
Any communication network, such as the Internet or your company network, can be monitored by hackers. Emails, for example, can be read by anybody intercepting the flow, or even within your company by anybody with access to the email servers.
Encryption ensures that only the sender and receiver can view and understand the transmitted data.
Each message to be sent is encrypted by the sender (using the public key of the recipient). Only the private key of the recipient can enable message decryption.
Data integrity / non-repudiation
Data integrity is about ensuring that a received message was not altered during transmission. The data integrity check is performed using a hash algorithm (MD5).
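The integrity check described above, combined with sender authentication, as an added example (not b2een's code): the receiver recomputes the digest, then checks that the digest itself came from the sender. The envelope layout, the function names and the sample key and messages are assumptions made for illustration, and an HMAC over a shared key stands in for the certificate-based signature because Python's standard library has no public-key signing; unlike a real signature it does not give non-repudiation.

```python
import hashlib
import hmac

ALLOWED = {"md5", "sha256"}  # MD5 is the algorithm the page names


def _tag(key: bytes, algo: str, digest: str) -> str:
    # Keyed tag over the digest: a symmetric stand-in for the sender's signature.
    return hmac.new(key, f"{algo}:{digest}".encode(), hashlib.sha256).hexdigest()


def seal(payload: bytes, key: bytes, algo: str = "md5") -> dict:
    """Sender side: attach the payload's digest and a keyed tag over that digest."""
    digest = hashlib.new(algo, payload).hexdigest()
    return {"algo": algo, "payload": payload, "digest": digest,
            "tag": _tag(key, algo, digest)}


def verify(env: dict, key: bytes) -> str:
    """Receiver side: return 'ok', 'altered', 'unauthenticated' or 'unsupported'."""
    if env["algo"] not in ALLOWED:
        return "unsupported"
    digest = hashlib.new(env["algo"], env["payload"]).hexdigest()
    if not hmac.compare_digest(digest, env["digest"]):
        return "altered"            # payload no longer matches the digest sent with it
    if not hmac.compare_digest(_tag(key, env["algo"], digest), env["tag"]):
        return "unauthenticated"    # digest matches, but the key holder did not produce it
    return "ok"


def corrupt(env: dict, new_payload: bytes) -> dict:
    """Constructed case 1: payload changes in transit, digest left as sent."""
    return {**env, "payload": new_payload}


def corrupt_and_rehash(env: dict, new_payload: bytes) -> dict:
    """Constructed case 2: payload changes and the unkeyed digest is recomputed."""
    digest = hashlib.new(env["algo"], new_payload).hexdigest()
    return {**env, "payload": new_payload, "digest": digest}


if __name__ == "__main__":
    key = b"constructed-demo-key"               # constructed sample key
    sent = seal(b"order 1001: 10 units", key)   # constructed sample message
    print(verify(sent, key))
    print(verify(corrupt(sent, b"order 1001: 90 units"), key))
    print(verify(corrupt_and_rehash(sent, b"order 1001: 90 units"), key))
```

The second constructed case passes the hash comparison and is caught only by the keyed tag, which is why the digest has to be bound to the sender's signature rather than sent on its own.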