PKI generally refers to public key infrastructure. Public key infrastructure (PKI) is a collection of hardware, software, personnel, policies and programs, which is used to realize the functions of generating, managing, storing, distributing and revoking keys and certificates based on public key cryptography.
PKI system is the combination of computer software and hardware, authority and application system. It provides basic security services for the implementation of e-commerce, e-government, office automation, etc., so that users who don't know each other or are far away can communicate safely through the trust chain.
The process of PKI construction in the United States has gone through three stages: disorder before 1996, system construction with FBCA as the core during 1996-2002, and strategy management and system construction after 2003. Before 1996, many government departments established their own PKI systems, such as the US Postal Service, the Ministry of Social Security, the US Department of Defense, the Department of Energy, and the US Trademark and Intellectual Property Office.
1996 the United States proposed the federal bypass plan, which was officially announced in 200 1 year. It is planned to eventually establish PKI covering 80 institutions and 19 departments in the United States to protect the communication security of e-government. A typical PKI system includes PKI policy, software and hardware system, certification authority CA, registration authority RA, certificate issuing system and PKI application.
Pki security service:
PKI is widely used, which provides a complete security service function for data exchange in online finance, online banking, online securities, e-commerce, e-government and other networks. As a security infrastructure, PKI can provide six security services: identity authentication, data integrity, data confidentiality, data fairness, non-repudiation and timestamp.
Due to the openness and anonymity of the network, the threshold for illegal users to impersonate others to commit online fraud through some technical means is getting lower and lower, thus causing great harm to legitimate users and systems. The essence of identity authentication is the process of verifying the authenticity and validity of the authenticated object, which is considered as the basis of online transactions today.