Define PKI Public Key Infrastructure and list and discuss th

Define PKI (Public Key Infrastructure) and list and discuss the types of protection that it offers. Give an example of where PKI is utilized in daily activity,(industry).

Solution

Answer:-

PKI (Public Key Infrastructure) :

Public Key Infrastructure (PKI) is a popular encryption and authentication approach used by both small businesses and large enterprises.

What Is Public Key Infrastructure (PKI) :

The PKI environment is made up of five components:

1) Certification Authority (CA) -- serves as the root of trust that authenticates the identity of individuals, computers and other entities in the network.

2) Registration Authority (RA) : -- is certified by a root CA to issue certificates for uses permitted by the CA. In a Microsoft PKI environment, the RA is normally called a subordinate CA.

3) Certificate Database : -- saves certificate requests issued and revoked certificates from the RA or CA.

4) Certificate Store :-- saves issued certificates and pending or rejected certificate requests from the local computer.

5) Key Archival Server :-- saves encrypted private keys in a certificate database for disaster recovery purposes in case the Certificate Database is lost.

6) PKI is a very effective method for implementing multi-factor authentication. Some companies, such as Unisys, require that devices that are attached to the corporate network must be able to use PKI for the encrypted and authenticated exchange of information.

7) In cryptography, a PKI is an arrangement that binds public keys with respective identities of entities (like persons and organizations).

8) A public key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity.

Types Protection:

1) Encryption and/or sender authentication of e-mail messages .

2) Encryption and/or authentication of documents .

3) Authentication of users to applications (e.g., smart card logon, client authentication with SSL). There\'s experimental usage for digitally signed HTTP authentication in the Enigform and mod_openpgp projects .

4) Bootstrapping secure communication protocols such as Internet key exchange (IKE) and SSL. In both of these, initial set-up of a secure channel security association uses asymmetric key , public key methods, whereas actual communication uses faster symmetric key, secret key methods.

5) Mobile signatures are electronic signatures that are created using a mobile device and rely on signature or certification services in a location independent telecommunication environment.