Problem 1 [35 Points] Visit the site www.amazon.com, read its certificate and find the following information. a) [5 Points] Which CA issued and signed the certificate? b) [5 Points] What is the...

Problem 1 [35 Points]

Visit the site www.amazon.com, read its certificate and find the following information.

a) [5 Points] Which CA issued and signed the certificate?

b) [5 Points] What is the subject’s identity? That is, to which company and website is the certificate issued?

c) [5 Points] Which digital signature scheme and hash function is used to sign the certificate?

d) [5 Points] Which public-key encryption scheme is used to secure the communication between your browser and the site www.amazon.com, and what is the length of the public key?

e) [5 Points] Which private-key encryption scheme is used to secure the communication between your browser and the site www.amazon.com, what is the length of the key and what is the mode of operation?

f) [5 Points] Which key exchange protocol is used to establish a shared private key between your browser and the site www.amazon.com?

g) [5 Points] What is the certification path for www.amazon.com?

Problem 2 [25 Points]

During the discussions on TLS, we emphasized the importance of the integrity of the certificate authority (CA). What damages can an attacker cause if he is able to compromise a trusted CA? Be as comprehensive as you can in your answer and use a good concrete example to illustrate your answer.

Answered Same Day, Jul 15, 2021

Preety answered on Jul 16 2021
139 Votes
Assignment - Computer Network Security
Problem 1:
Ans (a). AWS Certificate Manager (ACM), which is a Private Certificate Authority (CA), manages certificates. That is, ACM has been responsible for issuing and signing certificates for amazon.com. ACM is the private certificate authority which is responsible for private as well as public certificates. Without maintaining and building your own on-premises certificate authority infrastructure, you can build secure and extremely accessible CAs.
AWS Certificate Manager (ACM) is a private service that is responsible for easily managing, provisioning and deploying all the private as well as public SSL certificates that are used for the AWS services as well. AWS Certificate Manager eliminates the very time-consuming process of renewing, uploading and purchasing SSL/TLS certificates. With the guidance of AWS Certificate Manager, a person can easily request a certificate and organise everything on AWS resources, for example on Amazon CloudFront distributions. After this process, AWS Certificate Manager manages the certificate regeneration. AWS Certificate Manager also has the responsibility of generating private certificates for internal resources, and ACM handles the certificate lifecycle as well.
Ans (b). The amazon.com website issues the certificate to the trusted and verified organization/company or website. It must ensure that the other party which is applying and requesting for the AWS certificate to be issued is a trusted organization. During requests to the web server for issuing a certificate, the web server must ensure the authenticity of that website and, after verification, must send a copy of its SSL certificate. There must be a secure connection during transmission between the parties.
Figure 1: Certificate validating using DNS with AWS Certificate Manager
Figure 1 shows certificate validation using DNS with AWS Certificate Manager. ACM should be responsible while validating the certificate for another organization.
While issuing a certificate to another organization, some points should be kept in mind, such as verifying the domain name, AWS account ID and certificate identifier. ACM must ensure that all these entries are checked very carefully while issuing a certificate to any organization or website.
Ans (c). Basically, an encryption technique is used for the digital signature as well as for the hash function to sign the certificate. To encrypt the hash, digital signatures use the sender’s private key. To decrypt the hash function, digital signatures use the owner’s private key. With the help of hashing, we can see that the data can’t be changed during transmission between sender and receiver. The private key is used for encrypting data, which is not the better approach for securing the data, because any person can access that data with the public key and can decrypt the data.
But it is very much possible to encrypt a hash function with the help of a private key. That results in the decryption of the hash key, which can be compared by anyone having the similar public key. So authenticity has been provided, as the encrypted hash key must have been generated by whoever holds that particular private key. This is the reason that encryption as well as decryption techniques are used for the digital signature and hash function.

Figure 2: Digital Signature hashed by SSL
Figure 2 represents how digital signatures are hashed by SSL. With the help of a hash function, and with the public and private keys, the data has been encrypted and the original data has been received by the...
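The key exchange, symmetric cipher, key length and mode asked about in parts (e) and (f) of Problem 1 are read from the negotiated cipher suite that the browser reports for the connection, not from the certificate. The decoder below is an added example, not part of the original question or answer; `describe_suite`, `split_cipher` and the sample suite names are constructed for illustration and do not state what any particular site negotiates.

```python
import re

# IANA TLS 1.2 name: TLS_<key exchange>[_<authentication>]_WITH_<cipher>_<hash>
TLS12 = re.compile(r"^TLS_(?P<kx>[A-Z0-9]+)(?:_(?P<auth>[A-Z0-9]+))?"
                   r"_WITH_(?P<enc>\w+)_(?P<hash>SHA\d*)$")
# IANA TLS 1.3 name: TLS_<cipher>_<hash>; key exchange and signature are negotiated apart
TLS13 = re.compile(r"^TLS_(?P<enc>(?:AES|CHACHA20)\w+)_(?P<hash>SHA\d+)$")

def split_cipher(enc):
    """Return (algorithm, key_bits, mode) for the bulk-cipher part of a suite name."""
    if enc == "CHACHA20_POLY1305":
        return "ChaCha20", 256, "Poly1305 AEAD"
    m = re.fullmatch(r"(AES|CAMELLIA|ARIA)_(\d+)_(\w+)", enc)
    if not m:
        raise ValueError(f"unrecognised cipher: {enc}")
    return m.group(1), int(m.group(2)), m.group(3)

def describe_suite(name):
    """Break an IANA cipher-suite name into the fields parts (e) and (f) ask for."""
    m13, m12 = TLS13.match(name), TLS12.match(name)
    if m13:
        kx = "(EC)DHE, group chosen via supported_groups"
        auth = "certificate signature, chosen via signature_algorithms"
        enc, digest = m13["enc"], m13["hash"]
    elif m12:
        kx = m12["kx"]
        # TLS_RSA_WITH_*: RSA both transports the premaster secret and authenticates
        auth = m12["auth"] or kx
        enc, digest = m12["enc"], m12["hash"]
    else:
        raise ValueError(f"not an IANA TLS suite name: {name}")
    alg, bits, mode = split_cipher(enc)
    return {
        "protocol": "TLS 1.3" if m13 else "TLS 1.2 or earlier",
        "key_exchange": kx, "authentication": auth,
        "cipher": alg, "key_bits": bits, "mode": mode, "hash": digest,
        # Only ephemeral Diffie-Hellman protects past sessions if the server key leaks
        "forward_secrecy": bool(m13) or kx in ("DHE", "ECDHE"),
    }

# Constructed sample inputs (IANA registry spellings), not captured from any site.
SAMPLES = ["TLS_AES_128_GCM_SHA256",
           "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
           "TLS_RSA_WITH_AES_256_CBC_SHA"]

if __name__ == "__main__":
    for suite in SAMPLES:
        print(suite, describe_suite(suite))
```

The public-key length asked about in part (d) and the signature scheme in part (c) still come from the certificate fields themselves, since the suite name carries neither.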