PKI is a technical and organizational infrastructure for secure data exchange over unsecured networks using an asymmetric encryption scheme (public and private keys) with public-key certificates to protect confidentiality, integrity, and nonrepudiation of transmitted messages.
Published in Chapter:
Federal Public-Key Infrastructure
Ludwig Slusky (California State University–Los Angeles, USA) and Parviz Partow-Navid (California State University–Los Angeles, USA)
Copyright: © 2008
|Pages: 12
DOI: 10.4018/978-1-59904-857-4.ch040
Abstract
All branches of federal government are required to change their business practices to a paperless operation. Privacy and information security are critical for the protection of information shared over networks internally between the U.S. government agencies and externally with nonfederal organizations (businesses; state, local, and foreign governments; academia; etc.) or individuals. The public-key infrastructure (PKI) is the simplest, most widely used architecture for secure data exchange over unsecured networks. It integrates computer hardware and software, cryptography, information and network security, and policies and procedures to facilitate trust in distributed electronic transactions and mitigate the associated risks. Federal PKI (FPKI) is PKI designed for implementation and use by government agencies. Federal PKI research was under way since 1991, and by the end of 2005, the federal PKI included 13 cross-certified federal entities, three approved shared service providers (SSPs; Verisign, Cyber- Trust, National Finance Center/U.S. Department of Agriculture [USDA]), one state, and three foreign countries (Canada, UK, and Australia; Alterman, 2005). Initially envisioned as an interoperability mechanism for federal organizations exclusively, the federal PKI is now positioned for trust interoperability and cross-certification internally among federal agencies and externally with other organizations.