Chapter 1


Public key infrastructure (PKI) is an operational system that employs cryptography, information technology (IT), business rules, and legal matters as shown in the Venn diagram in Figure 1.1. While certainly there are legal, business, technology, and cryptography areas within any organization that function outside of a PKI, the fact is that a properly managed PKI requires all of these disparate disciplines to function effectively. The lack of one or more of these factors can undermine a PKI’s effectiveness and efficiency. Furthermore, all of these disciplines must interact and complement each other within a PKI framework.

Figure 1.1

PKI cryptonomics.

Cryptography includes asymmetric and symmetric encryption algorithms, ...

Get Security without Obscurity now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.