PKI stands for Public Key Infrastructure. The X.509 standard defines a PKI as "The set of hardware, software, people and procedures needed to create, manage, store, distribute and revoke certificates based on public-key cryptography." PKI has three components in its basic form:

• Public/Private keys
• Digital Certificates, and
• A Certificate Authority (CA)

In a typical PKI deployment, each user is assigned a pair of linked keys - a public key available to others through a CA, and a private key, which is kept secret on the user's client. A user sending a secure message uses the receiver's public key to encrypt the transmission so that only the intended recipient can read the message.

• Internet Protocol Security (IPSec): IPSec is used for authenticity of two communicating hosts not users. Mostly used for building VPN and connecting a remote machine.
• Secure Socket Layer/Transport Layer Security (SSL/TLS): SSL/TLS works over TCP and tunnels other protocols using TCP, adding encryption and authentication of the server and optional authentication of client. SSL is in the process to be taken over by TLS.
• OpenPGP and S/MIME: Two competing incompatible standards for securing email.
• SSH: Used for securing remote terminals over internet
• Kerboes: Used for single sign-on and authenticates users against a central authentication and key distribution server

Disclaimer

The views expressed in the blog are those of the author and do not represent necessarily the official policy or position of any other agency, organization, employer, or company. Assumptions made in the study are not reflective of the stand of any entity other than the author. Since we are critically-thinking human beings, these views are always subject to change, revision, and rethinking without notice. While reasonable efforts have been made to obtain accurate information, the author makes no warranty, expressed or implied, as to its accuracy.