Chapter 4. Core PKI Services: Authentication, Integrity, and Confidentiality
In the previous chapter, we looked at the concept of a security infrastructure and gave a definition of a comprehensive PKI. Now, consider the services that a PKI offers an organization. In this chapter, we examine the fundamental, or core, security services associated with a PKI; in Chapter 5, we examine a number of additional services that a PKI can enable for various business purposes.
A PKI is generally considered to be associated with three primary services:
Authentication is the assurance to one entity that another entity is who he, she, or it claims to be.
Integrity is the assurance to an entity that data has not been altered (intentionally or unintentionally) ...