|Read this whole guide offline with no ads, for a low price!|
Use coupon code "certiguide" to save 20%!
|Need more practice? 300 additional Security+ questions!|
|Get It Here!|
4.3 PKI (Public Key Infrastructure)
A Public Key Infrastructure (PKI)
is the combination of software, encryption technologies and services
that enables enterprises to protect the security of their communications,
business transactions396 and proprietary data. As you might imagine
PKIs focus on the implementation of public/private key systems,
using key pairs to encrypt and decrypt messages. They also make
use of digital certificates and certificate authorities, discussed below.
According to Netscape Communications,
PKI protects your information assets in a variety of ways:
- Authenticate identity. Individual users,
organizations and their web sites use digital certificates, issued as
part of your PKI, to validate the identity of the parties to a transaction.
- Verify integrity. Ensure that the signed
message has not changed since being signed.
- Ensure privacy. Ensure that unauthorized
individuals cannot make use of confidential data.
- Authorize access. Digital certificates
can replace user IDs and passwords for login security, reducing
- Authorize transactions. The enterprise
can control access privileges for specified transactions.
- Support non-repudiation. Protects against
forging, and users later challenging transactions.
Adoption of PKI technology has been
slow due to the complexity and relatively high cost of PKI solutions.
However, the growing use of public-key based technologies such as SSL,
and improved awareness of security issues in the enterprise, are causing
PKI to be increasingly implemented in organizations today.
PKI is discussed in substantial depth
in the X.509 standard.
A Public Key Infrastructure (PKI) is the combination of software, encryption technologies and services that enables enterprises to protect their communications and data.
PKIs are implemented with public/private key systems that use key pairs to encrypt and decrypt messages.
PKIs use digital certificates and certification authorities for authentication.
396. Understanding PKI, http://verisign.netscape.com/security/pki/understanding.html
|If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!|
Table Of Contents - Contact Us
CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004
Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.