
Build and run secure applications
This article is primarily intended for software publishers, IT service providers and IT research and development teams. Whether you deliver your product to your customers, provide specific ... Read more

Understanding and avoiding the most common cybersecurity attacks in 2021
A cyberattack is any offensive maneuver that targets computer information systems, infrastructures, computer networks, or personal computer devices, using a variety of methods to steal, modify ... Read more

Unleash the potential of your Microsoft ADCS PKI
The Microsoft ADCS PKI is designed for use by Windows services, not for external requests, or any other types of requests for that matter. Here we look at how to extend the efficiency and ... Read more

IAM: A comparison of open-source tools
An Identity and Access Management (IAM) tool centralizes the authentication process for applications and IT services. In this article, although there are paid-for IAM solutions such as Okta, ... Read more

In-house PKI: Ask yourself the right questions
Organisations of all sizes are interested in deploying a Public Key Infrastructure (PKI) project, to generate digital certificates. As the complexity of the project is directly dependent on the ... Read more

White paper: OpenID Connect and OAuth – The authorization and authentication protocols
Before OpenID Connect and SAML, information systems relied on simple authentication, which was hard to maintain and could lead to various security vulnerabilities. OpenID ... Read more

Our first-hand account of Tunisia Digital Summit 2020
The Digitalberry team took part in two panel discussions on “digital identity at the heart of digital trust” and “high-priority projects for IS departments in 2020” at Tunisia Digital Summit ... Read more

TLS 1.3: Security updates and policy issues
TLS 1.3, the latest version of the TLS protocol published in August 2018 by the IETF (RFC 8446) has a great future ahead of it. It meets the current needs of “full https”, which is widely ... Read more

Digitalberry partners up with Primekey
Digitalberry and Primekey are happy to announce a new partnership. PrimeKey is one of the world’s leading companies for PKI (Public Key Infrastructure) and digital signing ... Read more

Personal, server-based or electronic signature stamp: when to use them?
As well as providing different levels of security (single, advanced or qualified), electronic signatures have different characteristics depending on the signatories and required use. Before ... Read more

How to set up an electronic signature in an ERP
At the heart of company business processes, ERP, whether an in-house or vendor solution, is changing to adapt to companies’ new digital habits. The process for “natively” associating an ... Read more

California: How a certificate outage delayed COVID-19 data
Public and private bodies are using an increasing number of digital certificates to secure their electronic communications. The expiration of a single certificate is often enough to stop an ... Read more
Identity federation and SSO: Digital identity management and authentication
Access to digital services needs to be protected with user IDs assigned to specific individuals. Facebook requires an e-mail address and password while the French health insurance website ... Read more

Electronic signature and the importance of effective project scoping
Legal implications varying from country to country, it means that there is much more to consider than the technology for electronic signature projects. Meticulous preparation is needed to identify the company requirements and constraints relating to electronic signatures, which are a key component of [...] Read more

TLS Handshake: protocol and two-way authentication mechanism
The TLS secure digital communications protocol includes a sub-protocol called TLS Handshake. This enables the server and client to authenticate each other in turn then select an encryption algorithm and cryptographic key before the application sends the data. Here's how it works. Read more

Insecure connection: the 5 digital certificate warning messages
Sometimes a website can't be accessed and the browser shows a “not secure” warning. In fact, this warning is displayed when the website’s certificate isn't recognized. This could be because it has expired or doesn't exist, is self-signed, from an unrecognized authority or [...] Read more

Which TLS certificate should I choose to secure my website?
There are three main types of TLS (formerly SSL) certificate for protecting a website: domain validation (DV), organization validation (OV) and extended validation (EV). There is often much ... Read more

How to avoid service outages when digital certificates expire
Digital certificates are issued for a defined use (or uses) and a finite lifespan. Failing to renew them in this “all-digital” age has serious consequences such as security breaches, critical ... Read more

Strong authentication: a key element of digital trust
Along with digital identity, authentication is one of the pillars of digital trust. It involves certifying the identity of a person or machine so they can access a service or resource. Let's take a look at the different [...] Read more

Digital identity: the foundation of digital trust
Five years after the introduction of the eIDAS European regulation on electronic identification and trust services for electronic transactions. Let's take another look at one of the key elements ... Read more