|
A Public Key Infrastructure (PKI) is a complete encryption system consisting of technical system components and procedures working in concert. PKI systems make use of special "asymmetric" encryption algorithms. Complementary pairs of keys are used: one of each pair, the public key, is normaly made freely available on a digital certificate; the other, private key is kept secret by the user's system. A message encrypted with either key from a pair can only be decrypted with the other. .
Although this basic description is fairly straightforward, PKI systems tend to become quite complex in practice due to the different types of information security functions that are often required, namely straightforward data/message confidentiality, digital signatures, message/sender authentication, message integrity, recipient authentication and secure time stamping. The mechanisms used to secure the issue of certificates are particularly important since compromise of the 'certification authority' would threaten the entire PKI system, but there are many potential risks in a complex PKI system. all elements have to be appropriately secured. CCCL's technical experts can help you specify, design, develop, test and implement a secure PKI system that works. We have the expertise to build an integrate the various technical components in a secure fashion, and to write the operating and other procedures to keep it running smoothly. Our experience in PKI and information security controls in general alows us to test PKI systems thoroughly using common and not-so-common hacker attack methods. We understand the practicalities of implementing PKI in an existing or new organisation: we can help with the change management and project management aspects. |
Close |
