A Public Key Infrastructure (PKI) is the infrastructure for managing public key certificates. A PKI does not create security by itself; it is a combination of hardware and software components together with policies and procedures.
A PKI safeguards the management of identity in that it enables digital signatures, strong authentication and encryption. A PKI uses pairs of public and private keys to sign or encrypt identities, documents and messages. Its chief component is the Certificate Authority (CA), which issues electronic certificates. Digital certificates and signatures certify the identity of users and devices within a public system such as a company network or the Internet.
Digital certificates carry identification over from the physical to the electronic world. They are the digital equivalent of presenting a passport.
Electronic certificates authoritatively vouch for the identity of a user or device within the IT infrastructure of a business. Without authentic certificates, the requirements described above could not be met.
The aim of compliance is to create the basis on which digital communication and business processes can be reproduced and documented in a legally unobjectionable way. Non-repudiation of the stored data is therefore indispensable.
An IT environment without certificates leaves repudiation possible, and therefore offers no compliance. Issuing certificates requires a PKI. In short: no compliance without PKI.
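As an added example that is not part of the original page, the following Go program shows the core mechanism described above: a CA issues a certificate by signing the holder's name and public key, and a relying party accepts only certificates that chain to a CA in its own trust store, so a certificate for the same name issued by an unknown CA is rejected. The CA and user names are constructed for the example.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // shortens the example; production code returns errors
	if err != nil {
		panic(err)
	}
	return v
}
// issue creates a certificate for cn, self-signed as a CA when parent == nil, otherwise signed by the parent CA.
func issue(cn string, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), // constructed; a real CA guarantees uniqueness
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	if parent == nil { // self-signed root: the CA certifies its own key
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
		parent, parentKey = tmpl, key
	}
	// The signer's signature over subject and public key is the act by which the CA vouches for the identity.
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey))
	return must(x509.ParseCertificate(der)), key
}
// accepted reports whether a relying party that trusts only the CAs in roots accepts leaf.
func accepted(leaf *x509.Certificate, roots *x509.CertPool) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	return err == nil
}
// Demo: the company CA issues Alice a certificate and an unrelated CA issues one claiming the same name.
func Demo() (genuine, impostor bool) {
	ca, caKey := issue("Example Corp Root CA", nil, nil)
	user, _ := issue("alice@example.com", ca, caKey)
	rogueCA, rogueKey := issue("Rogue CA", nil, nil)
	forged, _ := issue("alice@example.com", rogueCA, rogueKey)
	roots := x509.NewCertPool()
	roots.AddCert(ca) // the relying party's trust store holds only the company CA
	return accepted(user, roots), accepted(forged, roots)
}
func main() { fmt.Println(Demo()) } // prints: true false
```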
Security Solutions based on PKI Structures
Email Encryption
In large organizations, confidential messages are routinely sent by email. Uninvited readers of such messages are by no means rare on the World Wide Web, and it is simple to send emails under a falsified identity. Emails must therefore be encrypted and digitally signed to prevent misuse of the data.
VPN
A virtual private network (VPN) is a computer network that transports private data across a public medium (e.g. the Internet). Users of a VPN can exchange data just as on an internal LAN. The risk that intruders eavesdrop on the company data carried by the VPN is especially high. Connections across the public network medium should therefore be encrypted.
Single Sign-On
Single Sign-On (abbreviated SSO) means that, after a one-time authentication, a user can access all computers and services they are authorized to use without logging in to each one. Authentication with smart cards and certificates can prevent sensitive company data from being spied upon or falsified.
WLAN
Wireless LAN (WLAN, Wireless Local Area Network) refers to a cable-free local network carried over radio, through which a user logs in to gain wireless access to a company network or the Internet. Especially for such transmissions, encryption is a necessary safeguard against potential data abuse.