What is a PKI? Create a Profile Log In PKI provides security solutions for a range of business applications. Security features within applications are transparent to end-users and easy to use. Right click the Entrust Intelligence icon, on the windows task bar. Click Create Entrust Profile on the pop up menu The wizard will guide you through. Click the Next button Enter the Reference number Enter the Authorization code Click Next -You can accept the default location or browse Type your name in the Profile name field Click Next Type your name in the profile name field Click Next Enter a password, Enter your password in New Password filed Enter your password in Confirm password field Click Next – take a few seconds to create profile Click Finish Right click the Intelligence icon windows taskbar. Click Log in to Entrust Public key cryptography provides the foundation of network security through encryption and digital signatures. Together, encryption and digital signatures provide: Confidentiality: Encrypting a file so that only you and the people you authorize can decrypt and read it. Authentication: Checking the digital signature of the person who signed a file to ensure that the file really came from that person. A guarantee of someone’s identity. Non-repudiation Guarantees that only the person whose digital signature appears on the document could have signed it. Prevents the party from denying the transaction after the fact. Integrity: Ensures that a protected file’s contents are unchanged. A valid digital signature on a file guarantees that the file has not been altered since it was signed. Password Criteria Minimum of 11 characters 1 uppercase letter 1 lowercase letter 1 digit 1 non alpha-numeric character on your Enter you password in the Password field Click the OK button The Entrust security warning dialog box appears. This is a security feature to prevent unauthorized access to your confidential information in your Entrust profile. Log Out Right click the Intelligence icon taskbar. Click Log Out of Entrust. on your windows To Encrypt your email message Compose your message in the Outlook new mail message window When you are ready to send, ensure the encrypt button is selected. Send the message in the regular way. Entrust/Express will search for the certificate(s) of your recipient(s) in the exchange directory and then encrypt and send your message, including attachments. A progress dialog will appear. You can cancel at anytime by clicking cancel If Entrust/Express can’t find a certificate for a recipient, it will ask you to choose one yourself. NOTE: If you wish to sign the message as well as encrypt it, ensure that you select the digitally sign button as well as the encrypt button. D/PKI/Quick reference Timestamp when encrypting and/or signing Questions If you select this option, Entrust/Express will automatically timestamp all your secured messages so that the exact time and date is affixed to the message. By timestamping a file, you can prove that you sent the message at a specific time and date. You can only timestamp messages that are secured using the Entrust format. To send your certificate to another user You can send your certificate to another user by using Entrust/Express or by sending them a signed-only message. In the Outlook main window, Click Express Send my Certificate to > Entrust User or S/MIME User. The Outlook Address Book appears. Select the recipient from the Outlook Address Book and click OK. If you are sending your certificate to an Entrust user, the validation string will be displayed. Click OK. You should also send the validation string to the user in a secure manner. When that user imports your certificate into his or her Entrust Address Book, Entrust will generate a validation string. The user should check the generated string against the one you provide. If the two values match, the certificate is valid. If the two values do not match, the user should ask you to resend your certificate. D/PKI/Quick reference Please contact your department LRA for assistance. TOPICS If you do not have a departmental LRA please call Gordon Boone David Hayes DSS DSS 453-5302 457-7876 What is PKI? Create a Profile Password Criteria Log In Log out SendEncrypted/Signed message