More search options
Basket icon
No items
Basket icon

Product details

By continuing to use our site you consent to the use of cookies as described in our privacy policy unless you have disabled them.
You can change your cookie settings at any time but parts of our site will not function correctly without them.
Compact case
Case
-
Reference no. 702-015-1
Subject category: Ethics and Social Responsibility
Authors: Ali Farhoomand; Mary Ho
Published by: Asia Case Research Centre, The University of Hong Kong
Originally published in: 2002
Version: 12 July 2002
Length: 3 pages
Data source: Published sources
Share a link: https://casecent.re/p/21700
| No reviews for this item
View our pricing guide or login to see prices.

Abstract

On 22 March, 2001, the Microsoft Corporation (Microsoft) warned computer users that an individual posing electronically as a company representative had fooled VeriSign Inc, the leading digital certificate authority, into issuing two fraudulent digital certificates in Microsoft''s name. The certificates could be used by malicious attackers to trick computer users into running unsafe software programmes. Despite the discovery of the fraud and the follow-up investigation by the FBI, the person who registered the certificates could not be found. The Microsoft case was the world''s first reported case of digital certificate fraud. It raised serious questions about the sophistication of digital certificates and signatures, and the rules governing the conduct of issuers and users in the electronic marketplace. The accident also revealed that a simple identity certificate/signature comes with complex and non-standard policies and procedures that are vulnerable to regulatory and security flaws.
Teaching note
-
Reference no. 702-015-8
Subject category: Ethics and Social Responsibility
Authors: Ali Farhoomand; Mary Ho
Published by: Asia Case Research Centre, The University of Hong Kong
Originally published in: 2002
Version: 26 July 2002
Length: 8 pages
Data source: Published sources
View full details
Compact case
Case
-
Reference no. C702-015-1
Simplified Chinese language
Subject category: Ethics and Social Responsibility
Authors: Ali Farhoomand; Mary Ho
Published by: Asia Case Research Centre, The University of Hong Kong
Published in: 2002
Length: 2 pages
Data source: Published sources
View full details

About

Abstract

On 22 March, 2001, the Microsoft Corporation (Microsoft) warned computer users that an individual posing electronically as a company representative had fooled VeriSign Inc, the leading digital certificate authority, into issuing two fraudulent digital certificates in Microsoft''s name. The certificates could be used by malicious attackers to trick computer users into running unsafe software programmes. Despite the discovery of the fraud and the follow-up investigation by the FBI, the person who registered the certificates could not be found. The Microsoft case was the world''s first reported case of digital certificate fraud. It raised serious questions about the sophistication of digital certificates and signatures, and the rules governing the conduct of issuers and users in the electronic marketplace. The accident also revealed that a simple identity certificate/signature comes with complex and non-standard policies and procedures that are vulnerable to regulatory and security flaws.

Related

Teaching note
-
Reference no. 702-015-8
Subject category: Ethics and Social Responsibility
Authors: Ali Farhoomand; Mary Ho
Published by: Asia Case Research Centre, The University of Hong Kong
Originally published in: 2002
Version: 26 July 2002
Length: 8 pages
Data source: Published sources
View full details
Compact case
Case
-
Reference no. C702-015-1
Simplified Chinese language
Subject category: Ethics and Social Responsibility
Authors: Ali Farhoomand; Mary Ho
Published by: Asia Case Research Centre, The University of Hong Kong
Published in: 2002
Length: 2 pages
Data source: Published sources
View full details