User Authentication Through the Use of Public Key Infrastructure (PKI)

by Robert Meacham Oct. 1, 2017 via Infosecwriters

The information I would like to cover in this paper will be in the use of the Public Key Infrastructure (PKI). The key area of focus will be on its use in the authentication of users in relation to network access for segments of the Department of Defense (DoD) Global Information Grid (GIG) infrastructure. I will discuss views from its implementation, expansion, benefits, issues and management perspective briefly in order to provide a better understanding of the impact this change has had on security and the management of such an undertaking. Details pertaining to the infrastructure, methods of implementation and usage will be discussed. Then a look into the effects of policies and the importance of documenting the methods used to implement user authentication through the Public Key Infrastructure within the organization. Without good management and the implementation of policies and procedures in place, the likelihood of misinterpretation and security flaws can occur that will directly affect the confidentiality, integrity and availability of an organization infrastructure.

Irina Alexandra Negrii 1 week, 3 days ago

PKI provides a chain of trust, so that identities on a network can be verified. However, like any chain, a PKI is only as strong as its weakest link. There are various standards that cover aspects of PKI -- such as the Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework (RFC2527) -- but there is no predominant governing body enforcing these standards