Public Key Infrastructures (PKI) are a trust management technology for public keys, consisting of several interconnected Certifying Authorities (CAs). The CAs issue certificates that establish ownership of public keys, which can be used to support authentication, integrity and privacy. The structure of a PKI can be quite complex, and securing PKIs has therefore become a major concern, exacerbated with the commercialization of the Internet.
Secure Public Key Infrastructure: Standards, PGP and Beyond focuses on security aspects of public key infrastructures, addressing such issues as inadequacy of security checks when certificates are issued, and revocation time. The editor presents several possible solutions for withstanding malicious attacks, while laying the groundwork for future safeguards.
Secure Public Key Infrastructure: Standards, PGP and Beyond is designed for practitioners and researchers in industry, as well as advanced-level students in computer science and mathematics.
Designed for practitioners and researchers in industry, this wide-ranging handbook provides a professional-level examination of security aspects of public key infrastructures. Where other references focus solely PGP or on X500/X509, Secure Public Key Infrastructure goes further to deal with corrupt certification authorities (CAs) and CAs whose computers were hacked. Most important, this reference includes strategies to survive limited malicious attacks on public key infrastructures, and lays the groundwork for the development of future safeguards.
