Public Key Infrastructure (PKI) Free Essay Samples & Outline
Are you in High School, College, Masters, Bachelors or Ph.D and need someone to help write your essay or research? We offer premium quality essay writing help. All our papers are original, 0% plagiarized & uniquely written by our dedicated Masters specialists. My Essay Services is an experienced service with over 9 years experience in research writing of over 97,000 essays over the years. You will receive a plagiarism check certificate that confirms originality for any essay you order with My Essay Services. Fill the calculator on your right to begin placing your order now!
Sample Essay on Public Key Infrastructure (PKI)
Public Key Infrastructure are systems applied in the public key identification and recognition of digital signatures in public environments thus enabling safe exchange of data and information over network platforms. “It has a number of security goals, such as accurate registration, which is the inability of a user to register an identity that does not belong to him or her, and identity retention, which is the inability of a user to impersonate an identity already registered to someone else.” Fromknecht et al (2014). They are applied in the management of certificates and keys. The utilization of PKI in the management of information within an organization ensures trust within the environments with which an organization operates in.
Fundamentals of PKI
The implementation of a transparent, automatic and usable PKI requires the utilization of number PKI fundamentals. An effective PKI is comprised of hardware, software procedures, policies and roles that act as a guide to the administrations and creation of the digitals certificates and keys. According to Slusky & Partow, “It integrates computer hardware and software, cryptography, information and network security, and policies and procedures to facilitate trust in distributed electronic transactions and mitigate the associated risks.” There exists a limited variation on both the server and clients sides in the use of PKI. In the administration of PKI, there must be a certificate authority who is the trusted party with which the services are provided thus ensuring that identities of all entities ranging from computers to individuals are effectively authenticated. A subordinate CA acts as the registration authority in the issuance of certificates that ought to be permitted by the root CA.
The PKI is also compromised of an effective database that stores issues concerning key and certificate requests. Private keys and certificates are stored on a certificate store which acts as the local systems. “A complete public key infrastructure is composed of several components which are: registration authority (RA), certificate authority (CA), security policy, PKI-enabled applications, distribution system, and certificate repository.” Albarqi et al, (2015).
Purpose in organizations
According to Ramadan et al (2016), “the public key infrastructure (PKI) is more compatible with the modern generations due to the superior communications features.” Firms ought to consider a number of factors in the implementation of PKI within business operations. The organization or individuals involved should be willing to take advantage of digital signatures and encryption in order to utilize the systems within the business. The user does not necessarily have to understand the techniques and approaches being employed within these systems in the provision of digital signatures and encryption services. Transparency is an important constraint that ought to be taken into consideration while utilizing these systems.
PKI in signing software
PKI systems have been effectively incorporated into an organization’s operations thus facilitating improved customer services, reduces costs of operations, smoothening of business processes. In addition to the ensuring trust during information sharing and storage, PKI will ensure that management of digital identities inventory, self-registrations, enrollment services and secure roaming and authentication of the PIN.
Companies can apply PKI signing software to identify the identity of the software such as those owned by the company. For example, software developed by a particular company could be signed in such a way that shows the ownership of the software by the enterprise. It can also be used to sign software being applied within a company thus eliminating access among individuals who do not have the authority to assess and utilize the software usually over the network. They are also used within the firms to ensure forms and electronic signing of software.
Public and In-house CAs
Internal CA is advantageous in that it facilitates easy management of the systems as they do not depend on external certificate sources. Moreover, they can be integrated effectively with minimal costs into an active directory within an organization. However, it might be too challenging to implement internal certificate authority (CA) as compared to an external CA. Overhead management for internal CA is usually higher than that of external CA with limited trust existing among the external parties.
External CA is advantageous in that they can be applied in different environments for accountability and security. External CA tends to capture the trust of external parties. Examples of external CAs include Thwate and Secure-Net. A major disadvantage of these is that they are less flexible when it comes to management, expansion and configuration of the certificates. Moreover, organizations will require purchasing external CA in order to effectively integrate them into an organization’s operations.
The rising technology has called for integration of PKI into an organization’s operations usually to enhance management of keys and certificates. Organizations ought to take into consideration a number of factors while implementing the systems into firms operations. PKI enhances the identity or authentication assurance among other parties in addition to ensuring confidentiality on the information being exchanged.
Albarqi, A., Alzaid, E., Al Ghamdi, F., Asiri, S., & Kar, J. (2015). Public Key Infrastructure: A Survey. Journal of Information Security, 6(1), 31.
Enaw, E. E., & Check, N. (2014, November). Public Key Infrastructure Deployment in Cameroon's Public Administration. In Proceedings of the 2014 Conference on Electronic Governance and Open Society: Challenges in Eurasia (pp. 26-29). ACM.
Fromknecht, C., Velicanu, D., & Yakoubov, S. (2014). A Decentralized Public Key Infrastructure with Identity Retention. IACR Cryptology ePrint Archive, 2014, 803.
Ramadan, M., Du, G., Li, F., & Xu, C. (2016). A Survey of Public Key Infrastructure-Based Security for Mobile Communication Systems. Symmetry, 8(9), 85.
Slusky, L., & Partow-Navid, P. Federal Public-Key Infrastructure.
Tan, S. Y., Yau, W. C., & Lim, B. H. (2015). An implementation of enhanced public key infrastructure. Multimedia Tools and Applications, 74(16), 6481-6495.