PKI

TECHNICAL DEFINITION

Public Key Infrastructure (PKI) is a comprehensive framework comprising policies, roles, hardware, software, and procedures to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. PKI enables secure communication, strong authentication, data integrity, and non-repudiation in digital environments by cryptographically binding public keys to verified identities through a trusted Certificate Authority (CA).

BACKGROUND

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.

SYNONYMS & ALIASES

• Public Key Infrastructure
• Digital Certificate System
• Identity Management System
• Certificate Authority System
• Asymmetric Encryption Infrastructure

USAGE NOTE

PKI is critical for secure web browsing (HTTPS), email encryption, digital signatures, VPNs, and device authentication, especially in defense and government sectors.

DEVELOPERS

Organizations developing technology related to PKI.

• DigiCert

  A leading global provider of SSL/TLS certificates and other PKI solutions, enabling secure digital identity and encrypted communications for websites, applications, and IoT devices.

• Entrust

  Offers comprehensive PKI solutions, including Certificate Authorities, hardware security modules (HSMs), and identity management, critical for securing government and enterprise environments.

• Thales

  A major provider of Hardware Security Modules (HSMs) and other cryptographic solutions that form the backbone for secure key management in PKI deployments, especially in defense and critical infrastructure.

• Microsoft

  Develops and integrates PKI services (e.g., Active Directory Certificate Services) into its operating systems and cloud platforms, widely used by enterprises and government for identity and access management.

• Keyfactor

  Specializes in PKI and machine identity management, helping organizations automate and orchestrate the lifecycle of certificates and cryptographic keys across complex environments.

• Sectigo

  A global Certificate Authority providing digital certificates for website security, IoT devices, and enterprise PKI solutions, essential for trusted digital interactions.

• GlobalSign

  A long-standing Certificate Authority offering PKI services for SSL/TLS, managed PKI for enterprises, IoT security, and digital signing solutions.

• HID Global

  Through its IdenTrust business, HID Global provides trusted identity solutions, including PKI certificates used by financial institutions, governments, and healthcare for secure digital transactions and identities.

• PrimeKey (now part of Keyfactor)

  Known for its EJBCA open-source PKI software, widely used by governments and large organizations to build and manage their own Certificate Authorities, offering high-assurance PKI solutions.