| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Public Key Infrastructure (PKI)
A PKI (public key infrastructure) enables Network and Internet users to securely and privately exchange data, private information, and currency through a cryptographic public/private key pair that is shared through a trusted authority, such as DigiCert, Inc. Public key infrastructure enables the use of digital certificates to identify individuals or organizations and directory services that can store and, when necessary, revoke the certificates. Although the components of a PKI are generally understood, a number of different vendor approaches and services are emerging. Meanwhile, an Internet standard for PKI is being worked on.
The public key infrastructure uses public key cryptography to authenticate identity, or encrypt a digital online payment. Cryptography involves the creation of a "secret key" for SSL decryption and encryption. Secret or private key systems are insecure if the password can be decrypted easily. So public key cryptography and the public key infrastructure is critically important for ecommerce businesses on the Internet. Asymmetric cryptography is the the public key system, and "symmetric cryptography" is the private key system.
A public key infrastructure is created when a certificate authority (CA) issues and verifies digital ssl certificates with public keys. Then a registration authority (RA) verifies the certificate authority and issues the SSL digital certificate, and it is placed on the secure server, where the certificates
(with their public keys) are held.
|
