PKI is all about providing encryption and identity
management services through the use of private and public keys to encrypt and decrypt
data. An enterprise PKI system allows you to centralize all aspects of key and certificate
management from generating, issuing, and even revoking keys and certificates.
PKI USES
PKI can be used for any number of applications that support the technology. Typically, all
the services that utilize PKI do so because as long as the private keys are kept secure, PKI
is by far one of the most secure methods for encrypting and digitally signing data. PKI
comprises multiple elements that can be used for different purposes. The most important
of these elements is the CA, which manages the certificates over which it has scope.
403 Chapter 12: Enterprise Public Key Infrastructure
Essentially, you can think of a certificate as a public key for your PKI. You can and sometimes
must use PKI in the following scenarios:
?–? Digitally sign e-mail to certify authenticity of its origin.
?– Encrypt e-mail so it can be viewed only by intended recipients.
?– Allow computers to communicate securely using certificates even over an
insecure network such as the Internet (IPSec).
?– Secure Web site traffic using SSL and certificates, essential for e-commerce.
?– Verify the authenticity of software (including device drivers) using signed
publisher certificates.
Pages:
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435