What is PKI?
PKI stands for Public Key Infrastructure. It is a framework that uses public key cryptography and X.509 standard to establish a level of trust within an environment. The framework consists of programs, data formats, procedures, communication protocols, security policies, and public key cryptographic mechanisms. PKI provides authentication (“you are who you say you are”), confidentiality (via encryption), non-repudiation (“you did what you did”), and integrity (“nothing was altered”) of messages or communications exchanged. It enables the secure exchange of messages and communications in a predictable and standarized manner.
Examples of its application include:
- secure user logins on websites
- secure communications between servers
- secure remote access of users and devices to corporate networks
- use of secure email (authenticate the sender, confirm that the email has not been tampered en-route)
- use of code signing (verify the source of code, software or updates, and attest to the integrity of it)
- use of document signing (verify the identity of signer on legal or financial documents, and attest to the integrity and non-repudiation of the signed document)