Public Key
Infrastructure (PKI)

Generating electronic certificates with PKI

Proving electronic identities – whether persons, organisations or devices – can only be ensured in a trustful way by using electronic certificates. This also applies in a similar way to the integrity of electronic documents and messages by means of electronic signatures. Securely encrypted data transport as well utilises certificate-based solutions. All these scenarios require one component for generation, management and verification: a public key infrastructure (PKI).
Start getting Safe Now

Public Key Infrastructures (PKI) are suitable for

  • Strong authentication for intranet/extranet/internet resources
  • Secure Communication with SSL/TLS/ E-Mail Signature and Encryption (S/MIME)
  • Electronic Timestamps (Qualified - accredited)
  • Signing of electronic documents
  • Internet of things e.g. smart meter data exchange
  • Mobile PKI and mobile device management and much more

procilon PKI as a Service

Ask us for our flexible and secure Cloud-Services
The procilon PKI Solution

procilon realises PKIs with standard components that are internationally evaluated in accordance with CC EAL 4+ (high protection) and confi rmed in accordance with the German Digital Signature Act. The requirements put on data security are met via an end-to-end encryption using AES 256 and RSA encryption (2048-bit key length). The choice and use of cryptographic algorithms and relevant parameters is based on the regularly updated regulations and recommendations of the German Federal Office for Information Security.

FAQ

Which are the roles within a PKI?

Issuance of electronic certificates
Similarly to other areas, electronic certifi cates are issued by the certifi cation authority (CA) of an organisation. The validity of public keys is confi rmed through digital signatures by the CA. Along with the key itself the digital certifi cate contains further information such as the term of validity etc. As the responsible entity the CA is the central component in the public key infrastructure.

Registration of electronic certifi cates
To maintain the trustworthiness of the CA, a conclusive verifi - cation of the identity of the requesting person or organisation is required prior to the issuance of the electronic certifi cate, which is ensured by the registration authority (RA)

Verifi cation of electronic certifi cates
To verify the validity of electronic certifi cates a validation authority is needed. Generally, one distinguishes between the checking against a published certifi cate revocation list (CRL) or the realtime verifi cation by an online certifi cate status protocol (OCSP) service. Which mode of verifi cation is chosen depends mostly on the respective operational scenario.

Are PKI process provable?

Depending on the legal status of the PKI, the legally usable recording of all transactions in a PKI will be useful or even necessary in the majority of uses. The archiving of these transactions in accordance with the German Federal Offi ce of Information Security’s TR-ESOR regulation will be the basis for this.

How do we provide PKI?

As a complex overall solution, a PKI necessarily requires individual components that are perfectly coordinated. With our products of the proNEXT family we're able to realise ambitious PKIs.

The applications range from signing and encoding of e-mails (S/MIME) through authentication processes right to the fast generation of certificates in the internet of things. All components are also suitable for mobile applications. Depending on the status of the operator and the security standard of the associated computing centre, the most diverse solutions can be conceived, starting with a root CA as trust anchor and continuing with strictly hierarchical PKIs with multiple sub-CAs. Even a cross certification with other PKIs is feasible.


ANY QUESTIONS UNANSWERED?

Don't hesitate to contact our sales team.

  Contact form

Hinweis: Durch die Nutzung der Website stimmen Sie der Verwendung von Cookies zu.