The Business Alignment Experts

+1 703 365 2227

Services

hsm

Public Key Infrastructure

Print Friendly

For a major financial services institution, Uniplus implemented a secure login feature using the PKI infrastructure.  This featured a unique login key generated for each sign on procedure, and provided protection against password replay attacks, such as key stroke recording or line interception.

We offer IT security consulting services specializing in Public Key Infrastructure (PKI) and risk assessment.

  • We have implemented our proven PKI methods to¬†protect systems that transmit trillions of dollars per day.
  • Our clients include major commercial organizations throughout the financial industry.
  • PKI provides Confidentiality, Authentication, Integrity, Non-Repudiation and Data Integrity
  • Our PKI services include Encryption, Security, Digital signature, Key Backup and Recovery, Automatic key update, Key history, cross-certification, support for non-repudiation, time stamping, client software, Integrity, Confidentiality
  • Incorporate both symmetric key and Public Key techniques
  • Incorporated Digital Certificate and Digital signature

Our solutions deliver you the highest possible protection with minimal performance impact through:

  • Using the strongest keys allowed by law
  • Using PKI to implement signature authentication and non-repudiation as well as encryption
  • Using multiple encryption steps to protect different parts of transactions
  • Employing a secure secret distribution process to deliver the proof of identity to the user when she first joins the system

 

A public key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. PKI is used where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. A public key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity.

A PKI consists of:

  • A¬†certificate authority¬†(CA) that both issues and verifies the digital certificates
  • A¬†registration authority (RA)¬†which verifies the identity of users requesting information from the CA
  • Certificate holders – to sign and encrypt digital documents
  • Clients- to validate digital signatures and their certification path from a known public key of a trusted CA
  • Repositories- to store and make available certificates and Certificate Revocation Lists(CRLs)