A public key infrastructure (PKI) is widely described as a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.
With the inherent security risks prevalent in the use of global networks, eCommerce, and online services, privacy and encryption have become a primary concern for both consumers and businesses.
You certainly don’t want to gamble with unsecured sites for such activities as investing or managing bank transactions.
Providing an easy target for hackers is not in your best interest. Public Key Infrastructure (PKI) is a solution not only for providing assurance of encryption, but also for authentication of the parties’ identities.
Encryption can be provided in exchanges over networks without PKI. But even though the data sent and received is encrypted, there is no authentication provided.
Elements of Public Key Infrastructure
PKI consists of multiple elements that combine to create a trusted method of exchanging data and messages across private and public networks with a high level of security and privacy.
This is much more than encryption. As its name implies, PKI creates a secure infrastructure for companies and organizations to exchange data and conduct business, through an environment of certificates, keys, and hardware components. This enables systems to identify with accuracy the source of the transactions being received.
In order for businesses to build a public key infrastructure environment, there are standard requirements that must be met.
Applications must be capable of taking advantage of digital signatures and encryption. Without that ability, a public key infrastructure is of no value.
Transparency is another issue. PKI manages certificates and keys without the underlying applications needing to be aware of it, meaning the infrastructure is transparent to the business functions responsible for processing the data.
Other items of importance for implementing a PKI environment:
- Certificate repository
- Revocation of certificates
- Public key certificates
- Digital signature non-repudiation support
- Backup/recovery of keys
- Automatic updating of certificates and key pairs
- Cross-certification support
- Key management and history management
Client application software must be capable of interacting with your PKI in a reliable, consistent, secure manner to ensure application integrity and effective security.
Certificates, Keys, and Certificate Authorities
To implement a public key infrastructure, both parties that are exchanging data must be assured of the authentication of the other party.
To establish this layer of security, each party must obtain a registered identity, known as a public key certificate. These are provided through Certification Authorities (CAs), who issue digitally signed certificates that bind the user to a specific public key.
CAs provide the level of trust between owners of the public keys and those who exchange data through the certificate owner’s PKI.
Since the CA is essentially a third party providing a trustworthy certificate, it is important to deal with a reputable dealer or CA when procuring public key certificates for your business. Certificates created by your CA include the following information (and possibly more):
- The distinguished name (DN) of the certificate owner that uniquely identifies you to other parties
- The public key that belongs to the business owner – this allows others to authenticate the digital signature and perform the encryption
- Validity date range of the certificate – start and end dates
- Functions for which the public key is valid – signature verification, encryption, or both
There are many safeguards and security benefits inherent in the Certification Authority methodology. Users validating a public key can trust that the key is valid at multiple levels:
- CAs include a signature on the public key which easily reveals any tampering or corruption that has taken place on the key. Validating this CA signature demonstrates the validity of the public key.
- Users can validate that the distinguished name on the key is the party they expect to be exchanging data with, and can withdraw activity that appears incompatible with such expectations.
- The validity dates can be checked to confirm that the public key is currently active and legitimate.
- The functions for which the public key is intended can likewise be validated for their expected purpose.
These validations allow for confidence in the secure electronic exchange of information.
Backup and Recovery of Keys
Encrypted data is of no value without the corresponding keys that allow the information to be decrypted for business use. In the case of historical data, or password-protected keys, data could be rendered totally useless if passwords are lost, or decryption keys cannot be retrieved.
This makes backup and recoverability of these decryption keys critical for business continuity and access to encrypted data.
Consider the alternative – save the data in decrypted form.
This defeats the entire purpose of encrypting data in the first place, storing your sensitive data in a format vulnerable to unauthorized access or theft by cyberthieves.
Inevitably, there will be transactions that are contested or denied. This is known as repudiation.
Since eCommerce and digital transactions dispense with traditional signatures, replacing them with their digital counterparts, signing private keys have become part of the transaction to identify the user.
This ensures non-repudiation, as the signing private key serves as proof of the transaction by the user. But if a user loses their password or key information, they will obtain a new one for future transactions.
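Because encryption keys must be backed up for recovery while signing keys should remain solely under the user's control to support non-repudiation, businesses implementing PKI must support the use of two key pairs for each user of the system – one pair for encryption and decryption, and a second for signature keys.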
Updating and Managing Keys
Since digital certificates contain valid date ranges, they will expire over time. Additionally, it’s wise from a security standpoint to update key pairs periodically. Optimally, this process should be automatic and transparent to both parties in order to avoid any denial of service instances or rejected business transactions.
As keys are updated, the history of prior key pairs must be archived to allow decryption of the data that was encrypted using those prior key pairs. Since only the key in use at the time the data was encrypted can be utilized to decrypt the information, key pairs and data must be stored securely and kept in sync.
Certificate Repositories and Distribution
How are you going to keep track of all the certificates in use by your business and users? A standardized repository provides the storage and retrieval solutions. Your CA is the trustworthy issuer of certificates to your business, but you have the responsibility of storing the certificates needed for use by each of your applications.
LDAP (Lightweight Directory Access Protocol) is the industry standard and most common facility for storing and accessing certificates. LDAP supports a large volume of entries efficiently, making retrieval of certificates by applications a standard, transparent function.
To ensure the security of business transactions and to demonstrate the integrity of their certificates, CAs must frequently revoke certificates that are no longer trustworthy or no longer active. This could be due to detection of certificates that have been tampered with, have expired, or have been deactivated by the owner.
Businesses often retain policies requiring revocation of certificates belonging to former employees or to applications that are no longer utilized.
As a result, the CA will notify certificate holders through a certificate revocation list (CRL) that is published to a directory for clients. PKI within your company will interrogate this CRL before accepting the certificate as trustworthy and active.
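The checks listed earlier (CA signature, distinguished name, validity dates, key function) and the CRL lookup described here can be seen together in the following added example, which is not from the original article. It uses the Python `cryptography` package; the names "Example CA" and "alice.example", the serial numbers and the fixed date are constructed, and the CA public key is used directly as the trust anchor rather than a full certificate chain.

```python
import datetime as dt
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

NOW = dt.datetime(2024, 6, 1)  # constructed "current time" (naive UTC) for repeatable results
def name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])

def issue(cn, pub, ca_key, serial, days_left=335):
    """Constructed CA step: bind a name to a public key, valid for signatures only."""
    usage = x509.KeyUsage(digital_signature=True, content_commitment=False,
        key_encipherment=False, data_encipherment=False, key_agreement=False,
        key_cert_sign=False, crl_sign=False, encipher_only=False, decipher_only=False)
    return (x509.CertificateBuilder().subject_name(name(cn)).issuer_name(name("Example CA"))
            .public_key(pub).serial_number(serial).not_valid_before(NOW - dt.timedelta(days=30))
            .not_valid_after(NOW + dt.timedelta(days=days_left))
            .add_extension(usage, critical=True).sign(ca_key, hashes.SHA256()))

def validate(cert, ca_pub, crl, expected_cn, purpose, now=NOW):
    """Return the first failed check, or 'ok'."""
    try:  # the CA signature covers the whole certificate body, so tampering fails here
        ca_pub.verify(cert.signature, cert.tbs_certificate_bytes, ec.ECDSA(cert.signature_hash_algorithm))
    except InvalidSignature:
        return "bad CA signature"
    if cert.subject != name(expected_cn):
        return "unexpected subject"
    if not cert.not_valid_before <= now <= cert.not_valid_after:  # naive UTC datetimes
        return "outside validity dates"
    if not getattr(cert.extensions.get_extension_for_class(x509.KeyUsage).value, purpose):
        return "key not valid for " + purpose
    if not crl.is_signature_valid(ca_pub):  # only trust a CRL the CA itself signed
        return "untrusted CRL"
    if crl.get_revoked_certificate_by_serial_number(cert.serial_number) is not None:
        return "revoked"
    return "ok"

def demo():
    ca_key, rogue, user = (ec.generate_private_key(ec.SECP256R1()) for _ in range(3))
    pub, ca_pub = user.public_key(), ca_key.public_key()
    gone = x509.RevokedCertificateBuilder().serial_number(1002).revocation_date(NOW).build()
    crl = (x509.CertificateRevocationListBuilder().issuer_name(name("Example CA"))
           .last_update(NOW).next_update(NOW + dt.timedelta(days=7))
           .add_revoked_certificate(gone).sign(ca_key, hashes.SHA256()))
    run = lambda signer, serial, days=335, use="digital_signature": validate(
        issue("alice.example", pub, signer, serial, days), ca_pub, crl, "alice.example", use)
    return [run(ca_key, 1001), run(ca_key, 1002), run(ca_key, 1003, days=-1),
            run(rogue, 1004), run(ca_key, 1005, use="key_encipherment")]
```

`demo()` returns one result per constructed certificate: a valid one, one listed on the CRL, one past its end date, one signed by a key other than the CA's, and one presented for a function its key usage does not allow.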
Your company may do business in multiple regions or countries, where each location must deal with its own local CA. In such instances, the CAs exchange keys allowing them to interact with each other, via verification keys. This is referred to as cross-certification.
The validation between the two CAs is then transparent to the clients. Transactions among your business locations are still validated through normal processes of certificates issued by their local CA.
Just as certificates must be able to be revoked for security reasons, cross-certification must also be revocable.
Business Applications and Client-side Software
Business applications utilize your PKI functionality through the use of client-side software that enables the transparent use of encryption/decryption functions and processing of digital signatures.
Client software selected should include each of the features outlined above to provide the most efficient use and trustworthiness within your public key infrastructure.
Why Use PKI?
PKI is commonly utilized to authenticate users of smart card access systems. It is also an important function for enterprise business systems for authentication of users and transaction functions, utilizing Secure Sockets Layer (SSL) encryption and signatures.
Other business functions benefitting from PKI initiatives include encryption of eXtensible Markup Language (XML) documents, exchange of authenticated emails, and an expanding number of technologies.
PKI also facilitates the secure digital signing of electronic documents and forms, provides for the exchange of secure instant messages, and allows for the reliable management of enterprise databases and other storage.
PKI authentication also provides for secure connections to your business web pages as well as your private services such as virtual private networks (VPN) and internal WiFi use.
In summary, PKI provides your business with more than just encryption and decryption capabilities. With PKI your business is secure with enhanced visibility:
- Is the sender who they say they are (authentication)?
- Are they entitled to access (validation of certificate dates)?
- Do they have rights to a specific function (type of transaction)?
PKI combines these benefits with a comprehensive, standardized environment that businesses can trust to protect business-critical data and applications.