Public Key Infrastructure encompasses comprehensive security technologies and policies using cryptography and standards to provide fundamental computing infrastructure improvement. PKI features:
Point solutions exist for each feature, but only PKI addresses them all well with standards and broad industry support. Robust services and commercial and open source tools provide a sound PKI foundation. Browsers, Web servers and services, email readers and list servers, database servers, PDF readers, VPN appliances, WPA wireless authentication, USB keys, and smart cards all have integrated PKI support. Because PKI is standards-based, these all can interoperate with each other.
PKI uses asymmetric key pair encryption. One key of the pair is the only way to decrypt data encrypted with the other. Users and servers have industry standard certificates to associate their key pairs with their identity and information such as the authority that issued the certificate and designated uses for the certificate. Certificate Authorities (CAs) issue PKI certificates and attest to the validity of the identity specified by the certificate. Operating systems, applications, hardware add-ons, and servers use PKI certificates and keys for authentication, digital signing, authorization and encryption. PKI enables trust between two or more parties (possibly from different organizations or nations) without prior knowledge of each other.
Slides Introducing PKI Technology
PKI uses X.509 certificates associated with asymmetric keys accessed by applications in a key store.
Slides About Certificates
Slides About Key Stores