GlobalSign

GlobalSign is a WebTrust-certified certificate authority (CAs) and provider of Identity Services.[3] GlobalSign was founded in Belgium in 1996 and acquired in 2007 by GMO group in Japan (formerly GeoTrust Japan).[1][4] As of January 2015, Globalsign was the 4th largest certificate authority in the world according to the Netcraft survey. [5]

GlobalSign
Private company
IndustryComputer security, Internet security
FoundedBelgium (1996 (1996))[1] and presently a subsidiary of GMO CLOUD K.K. in Japan,[2]
Headquarters,
Websitewww.globalsign.com

Services

GlobalSign provides PKI and Identity and Access Management services to provide enterprises with a platform to manage internal and external identities for the Internet of Everything. The services allow organizations to deploy secure e-services, manage employee and extended enterprise identities and automate PKI deployments for users, mobile, and machines.[6] GlobalSign’s PKI services include a trusted root-chaining program for trusted PKI deployments, which allows the widely distributed and trusted GlobalSign root CA certificates to cryptographically chain subordinate root CAs for use in Microsoft CA and in other in-house CAs. Such chaining allows these non-commercial CAs to control their own internal PKI, typically issuing SSL and digital IDs for secure email and two-factor authentication.[7]

GlobalSign also provides certificates to authenticate IoT to address authentication needs in the emerging $14.4 trillion Internet of Everything (IoE) market.[8] As of 2020, GlobalSign does not consider post-quantum cryptography an immediate priority, while first PQC mechanisms are emerging.[9]

The company has offices in the US, Europe and throughout Asia.

SSL configuration checker

In November 2012 GlobalSign launched an online service that allows website administrators to confirm that they have correctly configured SSL across their websites and receive actionable guidance on how to remediate any faulty or exploitable SSL configurations.[10]

Acquisition

In 2014 GlobalSign acquired Helsinki-based Ubisecure Solutions, Inc., a privately held identity and access management (IAM) software developer. Ubisecure was spun out of GlobalSign in 2016.[11]

Recognized industry firsts

GlobalSign was the first CA to improve revocation checking for HTTPS pages through the use of a CDN.[12]

The company was also the first to offer IPv6 compliant revocation services.[13]

2011 hacking incident

In September 2011, GlobalSign suspended issuing authentication certificates temporarily after an anonymous hacker compromised their servers.[14] An Iranian student self-identified as "Comodohacker", who also claimed responsibility for the 2011 Comodo and DigiNotar breaches,[15] claimed that he had also hacked the systems of GlobalSign.[16] GlobalSign took the claim seriously enough to halt the signing/issuing of new certificates while investigating the claims; it resumed issuing certificates a week later.[17]

Dutch security company Fox-IT was contracted to analyze the breach and GlobalSign released a security incident report.[18] On December 13, 2011 GlobalSign released its final report on the incident. The report concluded that while GlobalSign's own web server was breached and the certificate of this server was stolen, due to the air gap separating this web server from the certificate-issuing machine (the one holding the company's root certificate), there was no evidence of any rogue certificates issued or any customer data exposed, thus the remedial actions were limited to cancelling their own web server's certificate and patching its software.[17][18] Sophos’s Chester Wisniewski summarized the report and GlobalSign’s response to the incident on his blog and concluded "Not only is the report thorough and convincing, but it appears that GlobalSign took every action, exactly as they should have, both during and after the incident."[19]

gollark: Wow, that's really short.
gollark: I'm considering buying a really short domain for no particular reason.
gollark: All goalposts are contained in Goalpost Site-185B.
gollark: It's very weird.
gollark: There's this one atom in the GTech™ atom container which, instead of spontaneously radioactively decaying, spontaneously emits bitstreams.

See also

Sources and references

  1. "GlobalSign digital certificate and PKI solutions". 2001-02-05. Archived from the original on 2001-02-05. Retrieved 2016-09-14.
  2. "Corporate summary". 2013-04-22. Retrieved 2013-08-13.
  3. "Web Trust Audit report from E&Y" (PDF).
  4. "About GlobalSign". 2015-03-13. Retrieved 2015-03-13.
  5. https://www.netcraft.com/internet-data-mining/ssl-survey/
  6. https://www.iotevolutionworld.com/iot/articles/444599-globalsign-infineon-join-forces-strengthen-iot-trustworthiness.htm
  7. https://www.computing.co.uk/feature/4013164/managing-iam-coronavirus-crisis
  8. https://www.embedded-computing.com/iot/globalsign-infineon-partner-to-strengthen-iot-device-identity-for-simplified-enrollment-into-microsoft-azure-iot-hub
  9. "Don't get fooled by post-quantum snake oil we are still years away from being quantum-proof". 2020-03-11.
  10. "GlobalSign SSL Configuration Checker Provides Guidance to Reduce Cybercriminals' Ability to Exploit Faulty SSL Configurations". 2012-11-15.
  11. https://www.ubisecure.com/corporate/revealing-new-ubisecure/
  12. CloudFlare Partners With GlobalSign To Make Loading Secure Web Pages Up To 6 Times Faster. TechCrunch (2012-11-01). Retrieved on 2013-07-26.
  13. GlobalSign First CA to Offer Certificate Revocation Status Services over IPv6. Thewhir.com (2013-03-13). Retrieved on 2013-07-26.
  14. BBC News - GlobalSign stops secure certificates after hack claim. Bbc.co.uk (2011-09-07). Retrieved on 2013-07-26.
  15. Mikko Hypponen (2011-09-06). "DigiNotar Hacker Comes Out".
  16. Sterling, Toby. "Another Firm Stops Issuing Website Security Certificates In Wake Of Dutch Hack." Canadian Press, 6 Sep. 2011: Newspaper Source Plus. Web. 30 May 2013.
  17. http://www.zdnet.com/blog/btl/unpatched-server-led-to-globalsign-breach/75374
  18. Steve Waite (2011-12-13). "Security Incident Report" (PDF).
  19. Chester Wisniewski (2011-12-15). "Google and EFF propose improvements to HTTPS as GlobalSign releases CA breach report".
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.