Print
Discuss
Send to friend
RSS feeds
Daily news podcastIt could be two years before users will benefit from public key infrastructure (PKI).
"What can PKI do for you today?" asked Luther Martin, general manager for PKI at the US security software company Cylink. "Not much. You can create PKIs, but you can't do much with them."
Launching his firm's own PKI initiative, Martin argued that PKI projects, which use decryption keys to prove the authenticity of electronic communications, are being held up by a software development lag.
"Not many applications are PKI-enabled. Out of the box, almost no applications have it. This is the big obstacle." Martin added that he does not expect "a useful level of PKI-enabled applications available for 18 to 24 months".
Marcus Lasance, project manager at BT Internet Multimedia Applications, which is conducting a PKI pilot scheme, agreed that few applications are enabled. BT is among the early adopters of the technology, developing a system for giving keys to employees, assuring them authentication when accessing the corporate network.
"A simple application of PKI is secure messaging. But would you be able to use a key to do other things such as filing expenses and online banking? Applications in these areas need a lot more work. They [application developers] have to PKI their applications," he said.
Graham Titterington, senior consultant at analyst Ovum, said more complex projects required PKI-embedded applications. "With sales, for example, you can use PKI to say that certain people can buy from you and others can't. But if you want certain people to buy to a certain limit, and others to a higher level, you have to put code into an application," he said.
Lasance advises organisations to identify small groups of users and use existing applications such as Microsoft's Outlook to build a business case for PKI.
First published in Computing
See also:
All Hacking
del.icio.us
Digg this
reddit!
