Definition of PKI
What is PKI?
PKI is an arrangement which provides for third-party vetting of, and vouching for, user identities. It also allows binding of public keys to users.
|
|
PKI
|
|
Securing Certificate Revocation List Infrastructures
Anyone working within a Public Key Infrastructure (PKI) or an environment that uses client side certificates should be concerned that during authentication the Certificate Revocation Lists (CRL) are consistently & properly verified. Microsoft's Internet Information Server (IIS) 5.0 built-in Certificate Revocation List Infrastructure has been openly questioned from several security professionals and been a part of at least one major security vulnerability. This research takes a closer look at the security issues when implementing a secure CRL infrastructure as well as looking deeply into how secure Microsoft's IIS 5.0 built in Certificate Revocation List Infrastructure is. Then we will explore alternative CRL solutions from Internet Standards, PKI Toolkits and middle-ware products. Finally, this research should provide you with the security awareness ins and outs for implementing a secure CRL infrastructure.
Read the Article
|
Public Key Infrastructure Issues in an Academic Healthcare Setting
Planning a Public Key Infrastructure (PKI) deployment in a healthcare environment is a challenge that has unique aspects, determined by the nature of the healthcare business and by the user community the PKI intends to support. Addressing a mixed environment, academic and healthcare, adds complexity to the problem because of the mixed IT infrastructure likely to be seen in such environments and because of user education issues. The paper intends to give a general overview several specific issues related to the PKI deployment process emphasizing the particularities of a mixed environment. We assume that the reader is familiar with the functions various components of a PKI should perform.
Read the Article
|
Implementing PKI in a Heterogeneous Environment A Primer on Digital Certificate And Key Formats
This document will discuss the various file formats for both X.509 digital certificates and encryption keys. It will also bring to light potential issues one would face when implementing a public key infrastructure (PKI) in a nonheterogeneous environment. In particular, the focus is specifically on the topic of binary and PEM encoded digital certificates and the Public Key Cryptography Standards (PKCS) file formats. Further, the discussion will also include some hard learned lessons on the nuances of supporting and implementing diverse systems that utilize digital certificates. As we'll see, required digital certificate file formats will vary from application to application. Although a light overview of PKI and digital certificates will be provided, this document assumes the reader has some familiarity with the secure sockets layer (SSL) handshake and how digital certificates are utilized within a public key infrastructure.
Read the Article
|
Key and Certificate Management in Public Key Infrastructure Technology
The intent of this paper is to provide an overview and briefly discuss the various phases involved in Key and Certificate management. Anyone interested in understanding this specific process will find this paper useful. A basic understanding of PKI Technology is assumed. Key and Certificate life cycle management is an essential and crucial process in Public Key Infrastructure technology. There are several stages involved in this process and how it is managed will determine the success or failure of a particular deployment whether using a vendor's services and expertise or building one's own (a rare scenario). Thus, it is necessary to gain a good understanding of this aspect of PKI, to be able to participate and contribute to a successful implementation.
Read the Article
|
A Business Perspective on PKI: Why Many PKI Implementations Fail, and Success Factors To Consider
This paper is intended to provide an overview of PKI and how a PKI implementation affects the entire organization. Information included in this paper may help business areas understand how PKI can be used to achieve tactical and strategic business objectives, and assist with identifying factors required for a successful PKI implementation. This is a broad overview of the major components and issues, intended to familiarize nontechnical persons or those new to PKI with some of the basic PKI concepts and functions. It is not intended to be all-inclusive. Each PKI installation is unique, and individually tailored for the technical and cultural environment in which it is implemented. The intention is that this information will generate a discussion of security alternatives and support appropriate business decisions regarding PKI.
Read the Article
|
Interoperability in PKI
This paper will introduce some of the interoperability issues in PKI which applies to processing and managing the establishment of those trust and the challenges it faces. With increasing emphasis and reliance upon everything from VPNs and ecommerce to remote access and authentication, PKI is rapidly becoming an essential piece of the information age. However, there are several factors that have kept PKI from widespread deployment including confusion about what makes up a PKI, the complex and costly implementations, and immature industry standards and incompatibility among those standards. In the environment of electronic communication, the establishment of trust depends on electronic or digital objects and processes and procedures that manage them.
Read the Article
|
Public Key Infrastructure
Public Key Infrastructure aka PKI vaunted as the solution for addressing the network security issues in the cyberspace using cryptographic techniques. This article discusses about how the PKI attempts to address network security threats and issues associated with the PKI.
Read the Article
|
|
|
Page: 1 2
Members currently browsing this category:
|
|
