Stepping Beyond the PKI Pilot
Written by
Steve Purser on 20/11/04 Source
InfosecWriters
Public Key Infrastructure (PKI) plays a critical role in enabling security on the Internet and other potentially hostile network environments. In such environments, it is common to deploy secure protocols to deliver authentication, confidentiality protection, integrity protection and non-repudiation.
While all this can be achieved without using PKI, setting up and maintaining the trust relationships that support these protocols turns out to be a major challenge when there are many parties involved. This is the challenge that PKI solves – it provides a framework, which allows a Trusted Third Party (TTP) to extend trust to other individuals or organizations (known as subscribers in this context), thereby providing them with a context to support some kind of exchange or transaction.
In addition to providing a trust framework, PKI is also a useful way of standardizing the implementation of the security services as it is based on the use of (usually X.509) certificates and standard, public key algorithms.
Read the complete paper at InfosecWriters
Broken link?
Sorry, you don't have permission to post. Log in, or register if you haven't yet.
Please login or register.