A CyberCIEGE scenario illustrating PKI interoperability issues through e-mail communications in a corporate environment

Abstract

To help educate computer/network users and administrators on the complexities and potential implementation pitfalls of PKI, the work outlined in this thesis extended the CyberCIEGE computer security simulation game with additional PKI-related functionality. The research developed a scenario definition file for the CyberCIEGE game engine that supports a new game scenario that illustrates PKI concepts (e.g., cross-certification, certificate path processing and certificate revocation), configuration choices, and the security implications thereof. The game engine was enhanced to realistically model the parameters of an actual X.509 digital certificate. Test cases designed for this game extension verified that the scenario reasonably portrayed realistic PKI deployment issues and provided feedback consistent with real-world PKI implementations.