Public key infrastructure

An evolution to new business models that feature cloud apps, mobile workforces, Internet of Things, agile innovation, connected customers and virtually anything-as-a-service. Employees, customers, partners, and suppliers connected to the enterprise with real-time data flowing from products and services. So can hackers, thieves and others with bad intentions. How do you capitalize on all the upside of Digital Business without creating new security risks?


A public key infrastructure (PKI) supports the distribution and identification of public encryption keys, enabling users and computers to both securely exchange data over networks such as the Internet and verify the identity of the other party.

Without PKI, sensitive information can still be encrypted (ensuring confidentiality) and exchanged, but there would be no assurance of the identity (authentication) of the other party. Any form of sensitive data exchanged over the Internet is reliant on PKI for security.

A typical PKI consists of hardware, software, policies and standards to manage the creation, administration, distribution and revocation of keys and digital certificates. Digital certificates are at the heart of PKI as they affirm the identity of the certificate subject and bind that identity to the public key contained in the certificate.

  • A typical PKI includes the following key elements:Certificate authority (CA): issues digital certificates to entities and individuals after verifying their identity. It signs these certificates using its private key. Its public key is made available to all interested parties in a self-signed CA certificate.
  • OCSP Server: operate as a robust validation hub solution, capable of providing OCSP certificate validation services for multiple Certificate Authorities (CAs) concurrently.
  • TSA Server: provides independent and irrefutable proof of time for business transactions, e-documents and digital signatures.
  • LTANS: As part of complying with internal policies, external regulation or legislative requirements, certain business documents must be securely archived for a number of years into the future.

In order to provide the best product in the market, we build a strong and lasting partnership with Entrust DataCard, Ascertia, Gemalto, Safelayer, Realsec, Primekey.

  • Because messages are encrypted, they’re useless to anyone who steals them.
  • Encrypted information can’t be altered in transit — so if you receive something, you know it’s authentic.
  • People cannot claim they didn’t receive messages or information or payments because it is all tracked.
  • Your business become faster, smarter and more agile — from innovation to customer service to partner connectivity.
  • Allow people to work, collaborate and innovate — without traditional boundaries.