Security Encyclopedia

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI) is an arrangement that assembles users, enterprises, hardware, software, and policies into a cohesive system so that cryptography can be leveraged for various kinds of secure online activity.

A deployed PKI product registers people and entities with one another, issues and revokes cryptographic keys, and verifies users and devices. With it, the enterprise then has a secure, PKI-based identity and access management (IAM) system.

PKI requires a number of supporting components including a certificate authority (CA), registration authority (RA), central directory, certificate management system, and a certificate policy. Once these are in place, PKI can be used for a number of uses such as encryption, authentication, and signing.

PKI dates back to the 1970s in the United Kingdom, and as developments were declassified in subsequent decades PKI began to appear in commercial use cases. Today PKI serves as a foundation for many online activities where secure messaging, transaction signing, and the granting of access are paramount.


"Our employees are wondering how the credentials they once had to type in to access company resources no longer take the form of a password or other shared secret between them and the company. We've told them we deployed a FIDO Certified solution that marries PKI and smartphone features to secure and simplify their everyday work experiences."