PKI Overview

Public key encryption systems are designed to secure information exchange by providing security services such as integrity and confidentiality of information, authentication of entities, and access control to resources.

Proper use of public-key cryptography systems requires key management mechanisms and adherence to proper security policies. PKI provides an appropriate response to ensuring the integrity and security of public-key cryptography applications.

PKI is a collection of hardware, software, policies, and procedures required to create, manage, distribute, use, store, and revoke digital certificates.

PKI relies on a set of public-key encryption mechanisms which provide the security services required in the organization.

Easy access and easy use

The user only needs to enter the token PIN code, and a single PIN is easy to remember for secure access to different services.

In public-key-based authentication mechanisms, the user signs the challenge through the software (the user only enters the PIN code), and the answer is automatically sent to the authenticator; high security and ease of use are therefore both achieved.
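The challenge-response exchange described above, as an added example that is not code from the PKE – SDK or from the original page. It assumes an RSA key pair generated in software as a stand-in for the key held on the token, and the class and method names (ChallengeResponseDemo, Authenticator, issueChallenge, verify, sign) are hypothetical.

```java
import java.security.*;
import java.util.*;

public class ChallengeResponseDemo {
    // Authenticator side: issues single-use random challenges and checks signed answers.
    static final class Authenticator {
        private final SecureRandom rng = new SecureRandom();
        private final Set<String> outstanding = new HashSet<>();

        byte[] issueChallenge() {
            byte[] c = new byte[32];
            rng.nextBytes(c);
            outstanding.add(Base64.getEncoder().encodeToString(c));
            return c;
        }

        // In a deployment the public key is taken from the user's certificate
        // after its chain and revocation status have been validated.
        boolean verify(PublicKey userKey, byte[] challenge, byte[] signature)
                throws GeneralSecurityException {
            // Each challenge is accepted once, so a captured answer cannot be replayed.
            if (!outstanding.remove(Base64.getEncoder().encodeToString(challenge))) return false;
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(userKey);
            v.update(challenge);
            return v.verify(signature);
        }
    }

    // Client side: with a PKCS #11 token the private key never leaves the device
    // and the PIN unlocks it. Assumption: a software key stands in for it here.
    static byte[] sign(PrivateKey key, byte[] challenge) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(challenge);
        return s.sign();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair user = kpg.generateKeyPair(); // constructed sample key
        Authenticator auth = new Authenticator();
        byte[] challenge = auth.issueChallenge();
        byte[] answer = sign(user.getPrivate(), challenge);
        System.out.println("first use accepted: " + auth.verify(user.getPublic(), challenge, answer));
        System.out.println("replay accepted: " + auth.verify(user.getPublic(), challenge, answer));
    }
}
```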

Multipurpose application

Certified users can be identified in other software systems and receive a variety of services from the organization.

Banking application (for example)

The electronic check system is one of the most important banking applications based on electronic certificates, along with electronic negotiable instrument systems and many other systems that are widely used in the banking area.

Acceptable security

For the reasons mentioned in the introduction and security analysis section, the use of a token and electronic certificate for electronic signatures provides a high level of security compared to similar solutions.

The non-repudiation principle can only be achieved through public key infrastructure. For non-repudiation of users' transactions, a digital signature can be created over the results of these transactions using each user's private key and stored for later reference.

Public key infrastructure applications in organizations and PKI security analysis

Securing communication channels with the SSL/TLS protocols.

Registering signed data and documents related to organizational tenders in order to prevent manipulation.

Applying the concept of PKI in electronic payment solutions.

Event signing and non-repudiation

Securing specific applications

Securing office automation applications

Securing Email

Securing web applications

VPN networks

Access control and data classification

Documents security

Ability to log in to the operating system and network

Tools

Properties of Software Development Tools for Public Key (PKE – SDK)

Given the benefits, described in the previous sections, of providing an organization with public key infrastructure capabilities, as well as our mission regarding the use of PKI, a tool was developed at the request of management and experts as a software library and provided to software development teams, so they can equip their software with PKI at minimum cost. The PKE – SDK development tool has been designed so that users can easily use PKI-related cryptographic functions as a web service by calling high-level methods. All the efforts of the software development team are based on a fully standard tool that works easily with other PKE systems.

The tools for equipping systems with PKI services (PKI-enabling) include electronic certificate interaction, digital signature, encryption, and authentication, and are designed for general use by programmers and software manufacturers.

Introduction to the technology used

The server side of the tool is developed entirely on Java EE 7, and all classes and modules are exposed to the end users of the system as web services. Thus, this architecture places no limit on implementing the client with different technologies. The Bouncy Castle libraries are used for the cryptographic functions. Because standard libraries are used, the application can run in an application server. To use cryptographic tokens that support the PKCS #11 standard, clients based on Silverlight, Applet, Firefox Extension, and JavaScript technologies have been designed, which can easily be loaded into the client's web pages.
