Cloud Computing Patterns | Mechanisms | Certificate

Cloud Computing Patterns, Mechanisms > Mechanisms > C > Certificate
Home > Mechanisms > Certificate



A certificate is a data file that binds the identity of an entity to a public key, and contains the user’s identification and a signature from the issuing authority. It is also referred to as a digital certificate, X.509 certificate, or a public key certificate. Certificates are issued from the public key infrastructure (PKI), which provides a registration authority to determine the identity of the certificate holder or subject to a required level of assurance, and a certification authority to issue the certificate. The PKI also contains a repository of the issued certificates and the certificate revocation list (CRL).

Certificates contain a public key and have a corresponding private key that is protected by a password and can be stored on a hardware security module (HSM) such as a smart card. Data encrypted by the private key can only be decrypted by the public key, whereas data encrypted by the public key can only be decrypted by the private key. With this scheme, most required security services can be created.

Figure 1 – An individual or subscriber with a digital certificate.

Figure 1 shows a certificate issued to a person. The certificate contains the public key while the corresponding private key is protected. The person authenticates to the private key by unlocking it with the password. Certificates are also issued to non-person entities (NPEs), such as Web servers or routers.

Related Patterns: Cloud Certified Professional (CCP) Module 7: Fundamental Cloud Security Cloud Certified Professional (CCP) Module 8: Advanced Cloud Security

This mechanism is covered in CCP Module 7: Fundamental Cloud Security and
in Module 8: Advanced Cloud Security.

For more information regarding the Cloud Certified Professional (CCP) curriculum, visit

Cloud Computing Design Patterns

This cloud computing mechanism is also covered in:

Cloud Computing Design Patterns by Thomas Erl, Robert Cope, Amin Naserpour

(ISBN: 9780133858563, Hardcover, ~ 528 pages)

For more information about this book, visit