What is Public Key Infrastructure ( PKI )
A combination of set of hardware, software, policies and procedures needed to create, manage, distribute, use digital certificates and manage public-key encryption is called Public Key Infrastructure ( PKI)Its sole purpose is to facilitate the secure electronic transfer of information for e-commerce, internet banking and confidential & email. It is important to note, A PKI is not an authentication method; rather it is an infrastructure that uses digital certificates as an authentication mechanism and is built to better manage certificates and their associated keys. A digital certificate is itself a way to reliably identify the user or computer claiming to be the owner of a specific public key.
The PKI environment is made up of five components
serves as the root of trust that authenticates the identity of individuals, computers and other entities in the network.
saves certificate requests issued and revoked certificates from the RA or CA.
is certified by a root CA to issue certificates for uses permitted by the CA. In a Microsoft PKI environment, the RA is normally called a subordinate CA.
saves issued certificates and pending or rejected certificate requests from the local computer.
Key Archival Server
saves encrypted private keys in a certificate database for disaster recovery purposes in case the Certificate Database is lost.
What are Digital Certificates
A digital certificate (DC) is a digital file that certifies the identity of an or institution, or even a router access to computer based information. It is issued by a Certification Authority (is issued by a Certification Authority (CACA) and serves the same purpose as a driver’s license or a passport. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority (CA). A Digital Certificate allows a person, organization to send any data/information securely over the internet using the Public Key Infrastructure (PKI)
EZMCOM’s PKI Tokens
Mobile PKI Token:
True out-of-band PKI from EZMCOM’s Mobile PKI Token provides a rapid and highly secure implementation that scales rapidly and allows organizations to go to market with a user friendly mobile experience.
Biometric PKI Token:
A 32-bit high-intensity smart card based portable biometric USB token. By using the unique fingerprint verification rather than the traditional password verification,it puts an end to security risks caused by stolen of USB token and PIN.
Standard PKI Token
Full-range-solution from cost-effective secure chip device to latest 32-bit high performance smart card chip device with option to have Flash ROM, Mass storage and zero-footprint plug-and-play experience.
Ease of use
Simplifies PKI based transaction signing experience for users enabling an organization to implement secure, non-repudiation environment for virtually any typeof electronic transactions.
Rapidly scalable architecture
Scales to support large customer bases, and unlike conventional hardware based PKI it provides high availability required for customer-facing systems.
Ease of PKI deployment
Plug-and-play design simplifies integration with existing and future applications with minimal change.EzIdentity™ integrates with existing Certificate Authority or provides in-built Self-Signed Certificates for rapid go-to market.
Return on investment
EzIdentity™ mSign provides mitigated risk, increased compliance, strength of non-repudiation, lower costs. Compared to competitive hardware based PKI products, EzIdentity™ mSign provides significantly lower total cost of ownership (TCO) and higher return on investment (ROI).