Sunday, July 05, 2009
Google  
Web voicendata.com
 Archive    
• Ad :- Enterprise Connect Awards 09: Nominations Open
 Home > V&D PLUS > NETWORK DATA SECURITY: PKI FAQs
  V&D PLUS
NETWORK DATA SECURITY: PKI FAQs
Monday, October 14, 2002

What is PKI?
Public Key Infrastructure (PKI) is a combination of software, encryption technologies, and services, which enables enterprises to protect the security of their communications and business transactions on the Internet.

PKIs integrate digital certificates, public key cryptography, and certificate authorities into a total enterprise-wide network security architecture. A typical enterprises’ PKI encompasses the issuance of digital certificates to individual users and servers, end-user enrollment software; integration with corporate certificate directories; tools for managing, renewing and revoking certificates; and related services and support.

How it all works?
The PKI uses asymmetric algorithm and requires two different keys. A party may have two keys, one for encryption and another for decryption. He can make one key publicly available, which can be used by the customer, the supplier or anyone, for the purpose of encrypting a sensitive communication to be sent to him or her. Therefore, it is called the public key. Once such encrypted message is received from outside, the person can use his second key called the private key for decrypting the message. The second key is kept under security.

The PKI can operate on a number of algorithms of which RSA is popular. However, only the person holding the corresponding key can decrypt the encrypted message by using a public key. This is so because the two keys are mathematically inter-related. Here, the level of security also depends on the length of the key.

Why is PKI needed?
PKI protects your information assets in several essential ways:

l Authenticate identity: Digital certificates issued as part of your PKI allow individual users, organizations, and web site operators to confidently validate the identity of each party in an Internet transaction

l Verify integrity: A digital certificate ensures that the message or document the certificate ‘signs’ has not been changed or corrupted in transit online

l Ensure privacy: Digital certificates protect information from interception during Internet transmission

l Authorize access: PKI digital certificates replace easily guessed and frequently lost user IDs and passwords to streamline intranet log-in security and reduce the MIS overhead

l Authorize transactions: With PKI solutions, your enterprise can control access privileges for specified online transactions

l Support for non-repudiation: Digital certificates validate their users’ identities, making it nearly impossible to repudiate a digitally ‘signed’ transaction later, such as a purchase made on a website.

What does the PKI security solution comprises of?
PKI is a vital element of e-commerce, as it ensures the security of electronic transactions and the exchange of sensitive information between parties that do not have a prior established business relationship through digital certificates. As the stage is set for large scale PKI implementation in India, it is important to analyze what pportunities and challenges lie ahead for PKI solution providers, especially in the context of distribution of digital certificates.

A complete PKI security solution comprises the following components, elements and functions that are vital to achieve the final state of robust security.

l Security Policy: A security policy is essential, as it defines the organization’s direction on information security and the principles involved in cryptography.

l Certificate Authority: A Certificate Authority (CA) forms a very integral part of a PKI as it manages the entire life cycle for public certificates. Some of its functions are issuing certificates to the user and binding the user’s identity with a digital signature, time stamping the certificate with an expiry date, storing and retrieving certificates using a directory service, etc.

l Registration Authority: A registration authority performs a critical function and is dedicated to user registration and accepting requests for certificates. The RA can be a function of the CA or a separate identity.

l Applications: PKI-enabled applications include e-mail and messaging, Web browsers and servers, secure electronic transactions (SET), electronic data interchange (EDI), etc.

What can you do with a PKI?
A PKI lets your enterprise take advantage of the speed and immediacy of the Internet while protecting business-critical information from interception, tampering, and unauthorized access.

PKI provides the following capabilities:

l Communicate securely with employees around the world: PKI offers users controlled access to your Intranet for all your corporate information, such as HR data, secure e-mail, and applications

l Exchange confidential data with business partners: PKI lets you create secure extranets and virtual private networks that give selected partners easy access to business-critical information stored on your internal network

l Safely, seamlessly integrate your supply chain: PKI provides a protected environment for safe information exchange at every stage of your manufacturing processes

l Take advantage of secure e-commerce: PKI lets you offer customers the confidence to purchase your goods and services on the web

Swapan Johri, head (security) HCL Comnet

Page(s)   1  

Print this article Comment This Email this article
VoIP: At the Cost of...
VoIP: FAQs
TARIFF SCHEMES: Up BSNL’s Sleeves
 





 

Current Issue


Innovation, Winning the future with ZTE

Reduce your TCO now with INGRES





Your Opinion Matters

Does cloud computing cast a cloud on the future of IT professionals?

Is your Accounts Payable Solution working for you? Think Again…

   CIOL Services
IT News | IT Jobs | IT Outsourcing | IT Shopping
 



  For Voice&Data Print Subscription
  [ Magazine Subscription ]  [ Contact Info ]  [ Advertise : Online | Magazine | Advertising Print | Mediakit Print ]
 
Other CyberMedia web sites
[Dataquest]  [PCQuest]  [CIOL]  [Living Digital]  [IDC India]
[DQ Channels]  [The DQweek]  [CyberMedia Events]
[CyberMedia Digital]  [Cyber Astro]  [CyberMedia India]
[Global Services]  [BioSpectrum]  [BioSpectrum Asia]
[Computer Shopper]   [College Buying Guide]   [Voice&DataConnect

CyberMedia India Ltd

 
  Copyright © CMIL. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.
Broken links? Problems with site? Send email to webmaster@ciol.com