PKI


Also found in: Dictionary, Thesaurus, Medical, Legal, Acronyms, Wikipedia.

PKI

PKI

(Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of organizations and individuals over a public system such as the Internet. The certificates are also used to sign messages (see code signing), which ensures that messages have not been tampered with. For more on how certificates and public keys are used, see digital certificate.

Inhouse PKIs
A PKI can also be implemented by an enterprise for internal use to authenticate employees accessing the network. In this case, the enterprise is its own certificate authority (CA). For details on the public key system, see cryptography.

Managing the Root Key
The root key is the public/private key pair of the certificate authority. If the private part of that root key is ever discovered, all the certificates issued under that key pair are compromised. Creating and keeping the private key very private is critical.

All Encompassing
The PKI establishes the encryption algorithms, levels of security and distribution policy to users. The PKI embraces all the software (browsers, e-mail programs, etc.) used to support the process by examining and validating the certificates and signed messages. See digital certificate, digital signature, root key, web of trust and DST.


Generating the Root Key
SafeNet's Luna CA3 is a hardware security module (HSM) that is used to generate the root key in a PKI system and keep the private key secure. It uses a pin entry device (PED), EEPROM-based data keys and a PC Card reader that attaches to the server via an LVDS cable and PCI adapter. Containing a processor, firewall, flash memory and RAM, the PC Card is built with extra epoxy and secured with triple DES encryption. The card will destroy its contents if compromised.
References in periodicals archive ?
Baltimore Technologies: "The PKI Forum will enable customers to see demonstrable interoperability among the leading PKI vendors," said Paddy Holahan, executive vice president of marketing.
In addition to supporting the Army's PKI initiatives, the contract award to TKCIS will help the Army expand its efforts to increase the percentage of government contracts awarded to Native American and tribally-owned small businesses.
The F-Secure SSH for UNIX with DoD PKI certification was granted as a result of rigorous testing by the Joint Interoperability Test Command (JITC) Certification Lab, a unit of the DoD Defense Information Systems Agency (DISA).
See 2003 announcement: DataPower Announces XKMS Support for its XS40 XML Security Gateway, Enables Interoperability with Managed PKI Services and Systems (http://www.
The OASIS PKI Action Plan directly addresses these obstacles, calling for clear and specific guidelines for using PKI in the most relevant application types--document signing, secure email, and electronic commerce.
The Multinational Task Force -- which included participation by the United States, United Kingdom, Canada, Australia, New Zealand and Norway -- used PKI Express to exchange secure messages, such as ballistic missile alerts, intelligence alerts and information on other potential threats, with coalition members.
The prospective deal also would call for E-City Software to acquire a second process and methodology from PKI Solutions by assuming all of its rights in a market-ready, tech development project the start-up completed last year for a third party, Canadian company that sought to enter the lucrative but controversial cross-border prescription drug market.
We are extremely pleased to acquire the Baltimore PKI business and its world-class clients, employees and software.
The OASIS PKI Technical Committee will serve as a global information resource for PKI.
OASIS, the global standards consortium, today announced that it will expand its organization to include the security advocacy group, PKI Forum.
A new White Paper entitled "PKI and Financial Return on Investment" has been publicly released by the PKI Forum, Inc.