Public Key Infrastructure (PKI)

What is PKI?

In today’s world, you can exploit the possibilities of a new generation of distributed, business-critical applications. These applications enable you to deliver products and services over intranets (employees), extranets (trading partners) and the Internet (worldwide customers and prospects). However, in order to gain customer confidence, you must operate your applications in a high-availability, high-security environment. In other words: you need an internet security infrastructure ensuring safety, confidentiality and privacy of online communications and transactions. A Public Key Infrastructure (PKI) is such an internet security infrastructure.

Goal of PKI

The goal of a PKI is to protect information assets through:

  • Privacy—ensuring that information is not intercepted during transmission;
  • Authentication—validating the identity of parties in communications and transactions;
  • Integrity—ensuring that the information is original and not corrupted during transport;
  • Non-Repudiation—ensuring that transactions, once committed, are legally valid and irrevocable.

How does it work?

Technically, PKI is based on the use of digital certificates: electronic IDs that enable users to encrypt messages and verify digital signatures. The concept of PKI refers to the technology, infrastructure, and practices needed to enable use and acceptance of digital IDs on a significant scale.

One of the main functions of a PKI within an enterprise is to distribute digital IDs accurately and reliably to its users. Digital IDs are issued by an enterprise certification authority (CA) to users who register with that CA. Issuance of a certificate requires authentication of the user by a registration authority (RA). The scope of PKI also extends to functions such as certificate renewal, certificate revocation/status checking, and backup/recovery of private keys (the user’s private secret digital key, necessary for encrypting and signing electronic messages).
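
The issuance and revocation flow described above, as an added example that is not part of the original page. It uses the openssl command line (OpenSSL 1.1.1 or later is assumed); the CA name, the user alice and the serial number are constructed for illustration, and the RA's identity check of the person happens out of band, so the script shows only the check on the request itself.

```sh
# Added example; the CA name, user "alice" and serial 4097 are constructed.
set -eu
pki_setup() {    # $1 = existing work dir: config, empty CA database, CA key + cert
    : > "$1/index.txt"
    cat > "$1/pki.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = v3_ca
[dn]
[v3_ca]
basicConstraints = critical,CA:TRUE
[ca]
default_ca = demo
[demo]
database = $1/index.txt
default_md = sha256
EOF
    openssl req -x509 -config "$1/pki.cnf" -newkey rsa:2048 -nodes -days 30 \
        -subj "/O=Example Enterprise/CN=Example Enterprise CA" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}
user_request() { # $2 = user: generate a private key and a signed request (CSR)
    openssl req -new -config "$1/pki.cnf" -newkey rsa:2048 -nodes \
        -subj "/O=Example Enterprise/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
}
ra_check() {     # RA: the CSR must be signed by the private key it belongs to
    openssl req -config "$1/pki.cnf" -in "$1/$2.csr" -verify -noout 2>&1 |
        grep -q "verify OK"
}
ca_issue() {     # CA: sign the approved request; $3 = certificate serial number
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
        -set_serial "$3" -days 7 -sha256 -out "$1/$2.crt" 2>/dev/null
}
ca_revoke() {    # CA: record the revocation, then publish a fresh CRL
    openssl ca -config "$1/pki.cnf" -keyfile "$1/ca.key" -cert "$1/ca.crt" \
        -revoke "$1/$2.crt" 2>/dev/null
    openssl ca -config "$1/pki.cnf" -keyfile "$1/ca.key" -cert "$1/ca.crt" \
        -gencrl -crldays 7 -out "$1/ca.crl" 2>/dev/null
}
cert_ok() {      # relying party: chain to the CA, honour the CRL once published
    crt="$1/$2.crt"; ca="$1/ca.crt"; crl="$1/ca.crl"
    if [ -f "$crl" ]; then set -- -crl_check -CRLfile "$crl"; else set --; fi
    openssl verify -CAfile "$ca" "$@" "$crt" >/dev/null 2>&1
}
d=$(mktemp -d); pki_setup "$d"; user_request "$d" alice
ra_check "$d" alice && ca_issue "$d" alice 4097
cert_ok "$d" alice && echo "alice accepted"
ca_revoke "$d" alice; cert_ok "$d" alice || echo "alice rejected: revoked"
rm -rf "$d"
```

The certificate still chains to the CA after revocation; it is rejected only because the relying party consults the CRL, which is why status checking has to be part of every verification.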

Two models for PKI Deployment

You may choose to purchase your own standalone PKI software. But then your enterprise would assume 100% of the investment and 100% of the risk while accepting a limited infrastructure.
As an alternative, you can choose to deploy an integrated PKI platform. This platform combines enterprise-controlled and -operated PKI software and hardware with the certificate processing services and infrastructure of the high-availability, high-security PKI backbone of PinkRoccade Trusted Services and VeriSign. This means: a better infrastructure, shared investment and shared risk.
