A digital document that proves the authenticity and legitimacy of a non-human identity.
Description
In the context of Non-Human Identities (NHIs), a certificate serves as a formal validation mechanism that associates a specific non-human entity, such as a device, application, or service, with a unique identity. Certificates are typically issued by a trusted authority known as a Certificate Authority (CA), and they contain important information, including the identity of the non-human entity, the public key associated with it, and the signature of the issuing authority. This ensures that other entities can verify the authenticity of the non-human identity by checking the signature and ensuring that the certificate is still valid. Certificates are integral to establishing secure communications, particularly in environments such as the Internet of Things (IoT), where devices need to authenticate themselves to one another to prevent unauthorized access and ensure data integrity. By leveraging certificates, organizations can manage digital identities of non-human entities effectively, thus enhancing security and trust in automated systems.
Examples
- X.509 certificates used for IoT devices to secure communications.
- SSL/TLS certificates for web servers to authenticate their identity.
Additional Information
- Certificates can be revoked if a non-human identity is compromised.
- The use of certificates is governed by standards such as PKI (Public Key Infrastructure).
References
- What is a Non-Human Identity? - CyberArk
- Key Takeaways from the 2024 ESG Report on Non-Human Identity ...
- What are Non-Human Identities (NHIs), and how do we secure them?
- Navigating the Growing Challenges of Non-Human Identities in IT
- Non-Human Identity Management - Veza
- A Human's Guide to Non-Human Identities (NHIs) - Aembit
- NHI Characteristics. Non-Human Identities (NHIs)… | Sep, 2024
- The State of Non-Human Identity Security | CSA
- What is a Non-Human Identity? | Silverfort Glossary