Internet Security: A Jumpstart for Systems Administrators and IT Managers

In Chapter 6, we briefly covered Public Key Infrastructure (PKI). This chapter is devoted to this topic. We have discussed SSL, encryption, and certificates. Now we are going to focus on Public Key Infrastructure. PKI is slowly immersing itself into the business enterprise. Lotus Notes has had a PKI since Release 1.0. For an effective PKI to be implemented, however, you will need to have some idea of what this beast is. As you might guess, public key cryptography requires a public key infrastructure. What is driving this use of PKI are applications and access to those applications. Businesses around the world are deploying new generations of business-critical applications, and in many cases, these are distributed applications. These applications are serving the following types of environments: customer to business; business to business; and employees to business.
This environment is one in which the customer will use the Internet to interact with a business. Customer-to-business access is not only to "buy" something. Following are a few examples of other uses this type of access provides. It can:
Look up information on a product or service
Inquire or make a change to an order
Place an order
Send an e-mail with a question regarding the company's offerings
There are a lot of reasons for a customer to use the Internet. Do you have to authenticate with each of these reasons? No, you only need to authenticate in those areas where you need to identify...