Exploring Public Key Infrastructure For Securing Digital Transactions

PKI is a catchall term for the infrastructure required to manage digital certificates and highly secure encryption. It encompasses a great deal: industry standards, software and hardware systems, business processes and security policies ? even human resources within a company responsible . . . PKI is a catchall term for the infrastructure required to manage digital certificates and highly secure encryption. It encompasses a great deal: industry standards, software and hardware systems, business processes and security policies ? even human resources within a company responsible for carrying out various "trust processes."

But the purpose of PKI is simple: to let companies and organizations conduct business on private networks and the Internet with the same level of trust we had in the old paper-based world. PKI has two main components

• Digital certificates: software "credentials" that verify who people are much like passports or driver's licenses (but stronger in several ways).
• Data encryption: a method of scrambling data as it moves across networks to hide its content and prevent unauthorized use.

The link for this article located at IBM is no longer available.