Inkampani yeGlobalSign , njani kwaye kutheni iinkampani zisebenzisa iziseko ezingundoqo zoluntu (PKI) kwindawo yokuqala. Abantu abamalunga ne-750 bathathe inxaxheba kwi-survey: baphinde babuzwa imibuzo malunga nokusayinwa kwedijithali kunye ne-DevOps.
Ukuba awuqhelananga neli gama, i-PKI ivumela iisistim ukuba zitshintshe ngokukhuselekileyo idatha kwaye ziqinisekise abanini bezatifikethi. ziquka uqinisekiso lwezatifikethi zedijithali kunye nezitshixo zikawonke-wonke zoguqulelo oluntsonkothileyo kunye noqinisekiso lwe-cryptographic lokunyaniseka kwedatha. Naluphi na ulwazi olubuthathaka luxhomekeke kwinkqubo ye-PKI, kwaye i-GlobalSign ithathwa njengomnye wababoneleli abakhokelayo behlabathi benkqubo enjalo.
Ke, makhe sijonge kwiziphumo ezimbalwa eziphambili kuphononongo.
Yintoni efihliweyo?
Ngokubanzi, i-61,76% yeenkampani zisebenzisa i-PKI ngendlela enye okanye enye.
Omnye wemibuzo ephambili abaphandi abanomdla kukuba zeziphi iinkqubo ezifihliweyo kunye nezatifikethi zedijithali abaphenduli bazisebenzisayo. Ayothusi into yokuba malunga nama-75% athi asebenzisa izatifikethi zoluntu , kwaye malunga ne-50% ixhomekeke kwi-SSL yangasese kunye ne-TLS. Esi sesona sicelo sidumileyo se-cryptography yanamhlanje - ukubethelwa kwetrafikhi yenethiwekhi.
Lo mbuzo wabuzwa kwiinkampani eziphendule ewe kwimibuzo yangaphambili malunga nokusebenzisa iinkqubo ze-PKI, kwaye ivumele iinketho ezininzi zeempendulo.
Isithathu sabathathi-nxaxheba (30%) bathi basebenzisa izatifikethi kwiisignesha zedijithali, ngelixa bethembele kancinci kwi-PKI ukukhusela i-imeyile (). I-S/MIME yindlela elandelwayo esetyenziswa ngokubanzi yokuthumela imiyalezo efihliweyo esayiniweyo kunye nendlela yokukhusela abasebenzisi kubuqhophololo. Ngokunyuka kohlaselo lobuqhetseba, kucacile ukuba kutheni esi sisisombululo sithandwa kakhulu kukhuseleko lweshishini.
Siphinde sajonga ukuba kutheni iinkampani ekuqaleni zikhetha itekhnoloji esekwe kwi-PKI. Ngaphezulu kwe-30% ibonise ukwehla kwe-Intanethi yeZinto (), kwaye i-26% ikholelwa ukuba i-PKI ingasetyenziselwa uluhlu olubanzi lwamashishini. I-35% yabaphenduli baqaphele ukuba bayayixabisa i-PKI yokuqinisekisa ukuthembeka kwedatha.
Imingeni yokuphunyezwa eqhelekileyo
Ngelixa sisazi ukuba i-PKI inexabiso elikhulu kumbutho, i-cryptography yitekhnoloji entsonkothileyo. Oku kubangela iingxaki ngokuphunyezwa. Sibuze abaphenduli ukuba bacinga ntoni malunga nemingeni ephambili yokuphunyezwa. Kwavela ukuba enye yeengxaki ezinkulu kukungabikho kwezixhobo zangaphakathi ze-IT. Akukho basebenzi baneleyo abafanelekileyo abayiqondayo i-cryptography. Ukongeza, i-17% yabaphenduli babika ixesha elide lokusasazwa kweprojekthi, kwaye phantse i-40% ikhankanye ukuba ulawulo lwe-lifecycle lunokutya ixesha. Kwabaninzi, umqobo lixabiso eliphezulu lezisombululo ze-PKI zesiko.
Sifunde kuphando ukuba iinkampani ezininzi zisasebenzisa igunya lazo lezatifikethi zangaphakathi, ngaphandle komthwalo owenzayo kwizixhobo ze-IT zenkampani.
Uphononongo lukwabonise ukwanda kokusetyenziswa kweesignesha zedijithali. Ngaphezu kwe-50% yabaphenduli bophando bathi basebenzisa ngokusebenzayo iisignesha zedijithali ukukhusela ukunyaniseka kunye nokunyaniseka komxholo.
Ngokuphathelele isizathu sokuba bakhethe iisignesha zedijithali, i-53% yabaphenduli bathi ukuthotyelwa kwesona sizathu, kunye ne-60% echaza ukwamkelwa kobuchwepheshe obungenamaphepha. Ukugcina ixesha likhankanywe njengenye yezizathu eziphambili zokutshintshela kwiisignesha zedijithali. Kwakunye nokukwazi ukunciphisa ixesha lokucwangcisa uxwebhu yenye yeenzuzo eziphambili zokusebenzisa iteknoloji ye-PKI.
Uguqulelo oluntsonkothileyo kwi-DevOps
Uphononongo aluyi kugqitywa ngaphandle kokubuza abaphenduli malunga nokusetyenziswa kweenkqubo zokubethela kwi-DevOps, imarike ekhula ngokukhawuleza eqikelelwa ukuba ifikelele kwi-13 yeebhiliyoni zeedola ngo-2025. Nangona i-IT market ngokukhawuleza itshintshele kwi-DevOps (uphuhliso + lwemisebenzi) indlela yokusebenza kunye neenkqubo zoshishino ezizenzekelayo, ukuguquguquka kunye neendlela ze-Agile, ngokwenene ezi ndlela zivula iingozi ezintsha zokhuseleko. Okwangoku, inkqubo yokufumana izatifikethi kwindawo ye-DevOps inzima, idla ixesha, kwaye ineempazamo. Nantsi into abajongene nayo abaphuhlisi kunye neenkampani:
- Kukho izitshixo ezingakumbi kunye nezatifikethi ezisebenza njengezichongi zoomatshini kwizilinganisi zomthwalo, oomatshini ababonakalayo, izikhongozeli kunye nothungelwano lwenkonzo. Ulawulo lwesiphithiphithi kwezi zizazisi ngaphandle kobuchwepheshe obuchanekileyo ngokukhawuleza buba yinkqubo ebiza kakhulu kwaye inobungozi.
- Izatifikethi ezibuthathaka okanye ukuphelelwa kwexesha lesatifikethi esingalindelekanga xa ukunyanzeliswa kwemigaqo-nkqubo efanelekileyo kunye nezenzo zokubeka iliso zingekho. Akufuneki ukuthetha, ixesha elinjalo lokuphumla linempembelelo ebalulekileyo kwishishini.
Yiyo loo nto i-GlobalSign ibonelela ngesisombululo , edibanisa ngokuthe ngqo ne-REST API, EST okanye , ukwenzela ukuba iqela lophuhliso liqhubeke nokusebenza ngesantya esifanayo ngaphandle kokuncama ukhuseleko.
Ii-cryptosystems eziphambili zikawonke-wonke zezona teknoloji zibalulekileyo zokhuseleko. Kwaye kuya kuhlala kunjalo kwikamva elibonakalayo. Kwaye ngenxa yokukhula okugqabhukileyo esikubonayo kwicandelo le-IoT, silindele ukuthunyelwa kwe-PKI ngakumbi kulo nyaka.
umthombo: www.habr.com