Public key infrastructure: a micro and macro analysis
Introduction
As technology increasingly plays a key role in how people communicate and do business, the authentication and the verification of that information becomes an important issue to consider. The Internet is used to store, inform, communicate, and transact data on an everyday basis. The security of that data is essential to most companies and individuals. Corporate espionage, E-commerce fraud, and the theft of intellectual property have given rise to digital security. PKI is seen as the answer to electronic security, ensuring the authenticity of the communicators' identities, and protecting the privacy of the information. Many predict that the growth of public key cryptography will allow E-commerce to flourish providing the necessary security blanket to waylay consumers' fears of online fraud.
The Internet population has risen from 144 million in 1998 to 327 million in 2000. Still, this figure is predicted to jump to 1 billion users by the year 2005 [22]. Additionally, online retail sales were nearly $3 billion in 2000, and expected to jump to over $8 billion in 2005. In order for this growth to occur, users must be totally convinced in the reliability, security, and authenticity of transacting online [23].
The following paper will examine public key infrastructure starting with an overview of PKI. The overview will define what PKI is and also discuss the components, characteristics, and functions of public key infrastructure. The paper then will examine the internal factors affecting PKI. A third section will look at the current developments of public key infrastructure; looking at its organizational, commercial, global affects, and a case study of a Public Key solution provider. The paper will then discuss the future implications of PKI, detailing the obstacles to its adoption as well as the legal implications that it offers.
Section snippets
PKI: an overview
For a means of communication to be accepted, it must offer the reliability of traditional methods, such as sending a letter or making a phone call. Likewise, in order for that new technology to be accepted as a method of conducting business transactions, it must also be as reliable as traditional means of purchasing: cash, check, or credit card. There is no question that new technology and the Internet can speed the delivery of information and online transactions. Yet, without the proper
PKI: strengths and weaknesses
PKI has proven to be very extensive in its definition and in its framework. Many of the benefits of using PKI have already been mentioned, verification of sender and recipient, securely transferring data online, providing legal basis to conduct Internet transactions, and providing authenticity to web communication. Private Key Infrastructure offers additional benefits as well. Users of PKI can expect to save time conduction online communication and transactions. They no longer have to spend
PKI: a micro-analysis
In order to understand Public Key Infrastructure, it is important to look at the internal factors that come into play. These factors include the hardware and software, the system needed to properly implement a digital security system, the involved parties to PKI adoption, and related technologies.
PKI: a macro-analysis
Also important in understanding a Public Key Infrastructure is looking at the external factors that have been affected by the system and which have also played a role in the system's adoption. The macro-analysis will conclude with a case study of VeriSign, a leader in PKI. While the security system is certainly not in a mature stage, some industries seem to have a greater curiosity than others do at this present time.
PKI: a case study
VeriSign is a leader in digital IDs, offering various PKI solutions and acting as a Certificate Authority as well. The company looks to be the hub in a company's PKI integration, providing digital certificates to employees and trading partners, while maintaining a secure environment for the company.
VeriSign offers an outsourced solution for companies looking to implement a Public Key Infrastructure. The company maintains the responsibility of issuing digital certificates while the client
PKI: future implications
Many see PKI as providing consumers with the necessary confidence in conducting business transactions over the Internet. As public key systems are increasingly adopted and used, E-commerce is believed to grow. Yet, there are still many questions regarding Public Key Infrastructure and not everybody is so excited in regards to its possibilities.
Conclusions
At present, there is a need for a digital security system such as PKI. As more data is being stored and communicated electronically, it has become essential to protect that data. The greatest impact can be seen in E-commerce. For online transactions to grow in adoption, companies and consumers must be comfortable with the technology and at the same time have confidence that the transaction information is secure. While it is easy to see the growing comfort that the global population has with the
References (23)
1 in 3 Internet Users Banks Online
- Anonymous, Digital Signature Guidelines, American Bar Association, Section of Science and Technology, Information...
Electronic signatures
The U.S. federal PKI and the federal bridge certification authority
The internet public key infrastructure
IBM Systems Journal
(2001)- Birch, D., E-commerce: Sign on the Dot: from today, digital signatures in the EC are as legally valid as handwritten...
PKI policy pitfalls
- et al.
Public key infrastructures—the next generation
BTexact Technology
(2001 (July)) Click on the dotted line: E-signatures come of age and make the future of E-commerce a little brighter
New Jersey Law Journal
(2001 (August 20))- et al.
Network security: it's time to take it seriously
Computer
(1998 (September))
Standards slow embedded PKI growth
eWeek
Cited by (7)
Increment of insecure RSA private exponent bound through perfect square RSA diophantine parameters cryptanalysis
2022, Computer Standards and InterfacesCitation Excerpt :To date, the Internet population has risen from 144 million in 1998 to approximately 4.66 billion as of January 2021. Thus, the execution of information transfer over multiple channels in our daily life has demanded an efficient exchange of secure information [2]. This prime need for information security has led to the emergence of a variety of cryptographic algorithms to implement security in different dimensions and for various purposes [3].
An all-in-one mobile drm system design
2010, International Journal of Innovative Computing, Information and ControlThe benefits of PKI application and competitive advantage
2008, WSEAS Transactions on CommunicationsSecure internet access to gateway using secure socket layer
2006, IEEE Transactions on Instrumentation and MeasurementManaging information systems security and privacy
2006, Managing Information Systems Security and PrivacyA patient-identity security mechanism for electronic medical records during transit and at rest
2005, Medical Informatics and the Internet in Medicine