Imagine that the internet is a city: it would be the most crowded city in the world. Inside this city, you would also discover that not everyone is who they seem to be, even yourself.
Inside a small company, with face-to-face interactions, you would use badges with pictures and names on them to identify people working in the company. If the badge has the company's logo, then you can assume that the person is authentic.
When it comes to digital collaboration and e-commerce transactions, you usually have to deal with people you have not met before, maybe located on the other side of the world, and yet you need a way to verify their identity and perhaps send them information that no one else should see across the open internet.
Public Key Infrastructure is a framework that helps identify and solve these problems for you by establishing a safe and reliable environment for electronic transactions on the internet. It uses public key encryption techniques to protect the confidentiality, integrity, authenticity and non-repudiation of data.
People and services on the internet are issued digital certificates that uniquely identify them in the digital world, much like the corporate badge with your photo and name on it.
The Certificate Authority is the component responsible for issuing a digital certificate after verifying the identity of the requester. If you trust the certificate authority, then you can trust the digital certificates it issues.
A certificate authority maintains a revocation list that contains all digital certificates cancelled or suspended before their expiry dates.
Each digital certificate comes with a pair of keys: a private key kept secret by the holder of the digital certificate, and a corresponding public key which is known to others.
This pair of asymmetric but matching keys will be used for data encryption to ensure confidentiality.
Take email message transmission as an example. A sender can use the intended recipient's public key to encrypt the content of an email message. When the recipient receives the message, he will need to use the corresponding private key that he keeps to decrypt the message. By doing so, the confidentiality of the email content will be secured.
Furthermore, the integrity, authenticity and non-repudiation of the email message can be achieved by creating a message digest, which ensures the message is not altered during transmission.
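The email exchange described above, as an added Python example that is not part of the original post: it uses textbook RSA with toy keys built from known Mersenne primes (constructed for illustration, not secure, and without the padding real systems use). It assumes the message digest is signed with the sender's private key; all function and variable names are hypothetical.

```python
import hashlib

E = 65537  # commonly used public exponent

def make_keypair(p, q):
    """Return (public, private) textbook-RSA keys from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent
    return (n, E), (n, d)

def to_int(data):
    return int.from_bytes(data, "big")

def to_bytes(value):
    return value.to_bytes((value.bit_length() + 7) // 8, "big")

def encrypt(public_key, plaintext):
    n, e = public_key
    m = to_int(plaintext)
    if m >= n:
        raise ValueError("message too long for this toy key")
    return pow(m, e, n)

def decrypt(private_key, ciphertext):
    n, d = private_key
    return to_bytes(pow(ciphertext, d, n))

def digest(message):
    return to_int(hashlib.sha256(message).digest())

def sign(private_key, message):
    n, d = private_key
    return pow(digest(message), d, n)

def verify(public_key, message, signature):
    n, e = public_key
    return pow(signature, e, n) == digest(message)

# Constructed toy keys (assumption of this example, NOT secure).
SENDER_PUB, SENDER_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
RCPT_PUB, RCPT_PRIV = make_keypair(2**107 - 1, 2**607 - 1)

def send_email(body):
    """Sender: encrypt for the recipient, sign with own private key."""
    return encrypt(RCPT_PUB, body), sign(SENDER_PRIV, body)

def receive_email(ciphertext, signature):
    """Recipient: decrypt with own private key, check sender's signature."""
    body = decrypt(RCPT_PRIV, ciphertext)
    return body, verify(SENDER_PUB, body, signature)
```

Only the holder of the recipient's private key recovers the body, and any change to the message or ciphertext in transit makes the signature check return False.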
Public Key Infrastructure enables a wide variety of technologies: SSL for secure browsing and transactions, stronger wireless security through industry-standard verification and authentication, and secure remote access to your enterprise network. In addition, you can start providing encryption and digital signatures for your corporate email communication, and maybe encrypt your sensitive documents on your local drives. As passwords are a very basic method of authentication, two-factor authentication implemented with smart cards is the best way to raise your authentication level.