Public Key Infrastructure is considered integral to business security processes, transactions and access control - the secure storage and protection of private keys is paramount to the security of PKI.
A digital certificate bridges the gap between digital key material and identities by cryptographically binding key material to the identity of the entity. It’s this binding of keys and entities that enables secure communication, provable data integrity and trust in the digital society. Certificates not only prove identities, but also assure users that they are connecting to trusted websites and devices, downloading unmodified software updates, or purchasing genuine spare parts.
Trust relationships can be established in two ways, implicitly or explicitly, by relying on a chain of trust. The idea is simple: if one trusts the root of a chain of trust (a trustworthy third party that attests trust), then every entity that is able to prove that this root authority once attested that a certain (public) key belongs to a certain entity can also be trusted. This root of trust, a Root Certificate Authority (Root CA), is either added manually to a list of trusted CAs or, more commonly, predefined by, for example, your browser or operating system vendor.
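The chain-of-trust rule above, as an added example that is not part of the original page or of any vendor product: a shell script that builds a constructed root CA, sub CA and leaf certificate with the OpenSSL command line and shows that the leaf is accepted only when the verifier's configured trust anchor is the root heading its chain. All names, file paths and the helpers `build_demo_pki`, `chain_ok` and `verdict` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: constructed demo PKI (root -> sub CA -> leaf); all names are made up.

build_demo_pki() {  # $1 = empty working directory
  d=$1
  # X.509 extensions: only CA certificates may sign other certificates.
  printf '%s\n' '[ca]' 'basicConstraints=critical,CA:TRUE' \
    'keyUsage=critical,keyCertSign,cRLSign' \
    '[leaf]' 'basicConstraints=critical,CA:FALSE' > "$d/ext.cnf"
  # One key pair and certificate request per entity; "other" is an unrelated root.
  for n in root other sub leaf; do
    openssl ecparam -name prime256v1 -genkey -noout -out "$d/$n.key" 2>/dev/null
    openssl req -new -key "$d/$n.key" -subj "/CN=Demo $n" -out "$d/$n.csr" 2>/dev/null
  done
  # Roots are self-signed: trust in them is configured, not derived.
  for n in root other; do
    openssl x509 -req -in "$d/$n.csr" -signkey "$d/$n.key" -days 30 \
      -extfile "$d/ext.cnf" -extensions ca -out "$d/$n.pem" 2>/dev/null
  done
  # The root attests the sub CA's key; the sub CA attests the leaf's key.
  openssl x509 -req -in "$d/sub.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -CAcreateserial -days 30 -extfile "$d/ext.cnf" -extensions ca \
    -out "$d/sub.pem" 2>/dev/null
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/sub.pem" -CAkey "$d/sub.key" \
    -CAcreateserial -days 30 -extfile "$d/ext.cnf" -extensions leaf \
    -out "$d/leaf.pem" 2>/dev/null
}

# chain_ok <trust-anchor> <certificate> [untrusted-intermediate]
# Exit status 0 only if a valid path from the certificate to the anchor exists.
chain_ok() {
  if [ -n "${3:-}" ]; then
    openssl verify -CAfile "$1" -untrusted "$3" "$2" >/dev/null 2>&1
  else
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
  fi
}

verdict() { if chain_ok "$@"; then echo accepted; else echo rejected; fi; }

d=$(mktemp -d)
build_demo_pki "$d"
echo "anchor=root,  with sub CA:    $(verdict "$d/root.pem" "$d/leaf.pem" "$d/sub.pem")"
echo "anchor=root,  without sub CA: $(verdict "$d/root.pem" "$d/leaf.pem")"
echo "anchor=other, with sub CA:    $(verdict "$d/other.pem" "$d/leaf.pem" "$d/sub.pem")"
echo "anchor=root,  sub CA itself:  $(verdict "$d/root.pem" "$d/sub.pem")"
```

As used here, `openssl verify` checks signatures, validity dates and CA constraints only; whether a certificate has been revoked is a separate status lookup.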
However, successfully deploying and running a Public Key Infrastructure takes more than the Certificate Authority: it also requires self-services for issuing, renewing and revoking certificates, services to query the status of a certificate (revoked or still valid), management of users, groups and entities, and automation of all the related processes.
Utimaco offers a scalable all-in-one solution which can be customized to meet specific requirements. This means even the most complex setups including multiple tenants, Sub CAs and millions of certificates that need to be managed and secured can be achieved. Due to its modular and configurable architecture, a customizable, automated solution can be provided to meet ongoing business requirements, including integration with existing systems and APIs.