An exploration of public key infrastructure applications across diverse domains: a comparative analysis

Oleksandr Dulia; Dmytro Minochkin

doi:10.20535/2411-1031.2023.11.2.293496

Authors

Oleksandr Dulia Institute of Telecommunication Systems of the National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv, Ukraine https://orcid.org/0000-0002-9769-3178
Dmytro Minochkin Institute of Telecommunication Systems of the National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv, Ukraine https://orcid.org/0000-0003-4988-7098

DOI:

https://doi.org/10.20535/2411-1031.2023.11.2.293496

Keywords:

Public Key Infrastructure, Digital Certificates, Web Security, Internet of Things, Authentication, Encryption

Abstract

This article delves into the vital role of Public Key Infrastructure (PKI) in securing and authenticating communications across a multitude of fields. PKI has evolved from a mere technical concept into a cornerstone of secure digital communications, playing a central role in various domains such as web security, healthcare, finance, the Internet of Things (IoT), and government services. PKI employs cryptographic techniques and digital certificates to establish trust, ensure data integrity, and enable secure communications, thus acting as the backbone of digital security. In the wake of the digital revolution, the demand for reliable and robust security solutions has skyrocketed. The diversity and scale of modern digital platforms necessitate adaptable security solutions, a challenge which PKI tackles through its flexible implementation. Despite sharing core principles, the implementation of PKI demonstrates divergences influenced by factors such as scale, complexity, resource constraints, regulatory environments, and trust models. This article offers an extensive comparison of PKI's utilization across various domains, highlighting the commonalities and divergences. It explores how PKI is tailored to meet the unique requirements and challenges of each sector and discusses the certificate lifecycle management in varying contexts. Moreover, it provides an analysis of the current state of PKI applications and challenges, offering insights into the evolving landscape of threats and technologies. Not only does the article address the current state of PKI, but it also presents a forward-looking perspective on its potential future developments. As the digital landscape continues to evolve and expand, it is crucial to anticipate the emerging challenges and devise strategies for proactive adaptation. This article thus serves as a comprehensive resource for understanding the role and impact of PKI in the contemporary digital infrastructure. Ultimately, the article seeks to underline the importance of PKI and highlight the need for continued research and development in this area. As our reliance on digital communications and transactions continues to grow, the role of PKI in safeguarding these interactions becomes increasingly significant. This comprehensive review serves as a valuable resource for researchers, practitioners, and policymakers in understanding the diverse applications of PKI and its critical role in securing the digital world.

Author Biographies

Oleksandr Dulia, Institute of Telecommunication Systems of the National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv

Ph.D. student of the department of telecommunications

Dmytro Minochkin, Institute of Telecommunication Systems of the National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv

candidate of technical sciences, senior researcher, associate professor of the department of telecommunications

References

W. Stallings, Cryptography and Network Security: Principles and Practice. Pearson, 2017.

R. Roman, J. Zhou, and J. Lopez, “On the features and challenges of security and privacy in distributed internet of things”, Computer Networks, vol. 57, no. 10, 2013, pp. 2266-2279. doi: https://doi.org/10.1016/j.comnet.2012.12.018.

R. J. Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems. Wiley, 2008.

E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.3”, IETF Trust, 2018, 160 p. [Online]. Available at: https://datatracker.ietf.org/doc/html/rfc8446. Accessed on: Aug. 03, 2023.

T. Dierks, and E. Rescorla, “The Transport Layer Security (TLS) Protocol Version 1.2”, RFC 5246, IETF, 2008, 104 p. [Online]. Available at: https://www.rfc-editor.org/rfc/rfc5246.html. Accessed on: Aug. 03, 2023.

C. Evans, C. Palmer, and R. Sleevi, “Public Key Pinning Extension for HTTP”, Internet Engineering Task Force (IETF), 2015, 27 p. [Online]. Available at: https://datatracker.ietf.org/doc/rfc7469/. Accessed on: Aug. 08, 2023.

R. Gajanayake, R. Iannella, and T. Sahama, “Privacy oriented access control for electronic health records”, Electronic Journal of Health Informatics, vol. 8, no. 2, 2014, 9 p. [Online]. Available at: https://www.researchgate.net/publication/267805570_Privacy_Oriented_Access_Control_for_Electronic_Health_Records. Accessed on: Aug. 12, 2023.

A. Mense, P. Urbauer, S. Sauermann, and M. Frohner, “Integration von Personal Health Records (PHR) in die österreichische elektronische Gesundheitsakte (ELGA)”, in Proc. eHealth2013, May 23-24, Vienna, Austria, 2013, pp. 45-51. [Online]. Available at: https://www.dhealth.at/wp-content/uploads/scientific-papers/2013/mense.pdf. Accessed on: Sep. 08, 2023.

J. L. Fernandez-Aleman, I. C. Senor, P. A. O. Lozoya, and A. Toval, “Security and privacy in electronic health records: A systematic literature review”, Journal of Biomedical Informatics, vol. 46, no. 3, 2013, pp. 268-286. [Online]. Available at: https://www.sciencedirect.com/science/article/pii/S1532046412001864?via%3Dihub. Accessed on: Sep. 08, 2023. doi: https://doi.org/10.1016/j.jbi.2012.12.003.

M. Sayal, “Providing A Secure Environment For E-Commerce Sites Using SSL Technology”, Journal of Education and Science, vol. 29 (1), pp. 174-191. [Online]. Available at: https://edusj.mosuljournals.com/article_164371.html. Accessed on: Aug. 17, 2023. doi: https://doi.org/10.33899/edusj.2020.164371.

C. Narendiran, S. A. Rabara, and N. Rajendran, “Public key infrastructure for mobile banking security”, in Proc. 2009 Global Mobile Congress, Shanghai, China, 2009, pp. 1-6. [Online]. Available at: https://ieeexplore.ieee.org/document/5295898. Accessed on: Sep. 17, 2023. doi: https://doi.org/10.1109/GMC.2009.5295898.

S. Sicari, A. Rizzardi, L. Grieco, and A. Coen-Porisini, “Security, privacy, and trust in Internet of Things: The road ahead”, Computer Networks, vol. 76, 2015, pp. 146-164. [Online]. Available at: https://www.sciencedirect.com/science/article/abs/pii/S1389128614003971?via%3Dihub. Accessed on: Aug. 15, 2023. doi: https://doi.org/10.1016/j.comnet.2014.11.008.

I. Lee, and K. Lee, “The Internet of Things (IoT): Applications, investments, and challenges for enterprises”, Business Horizons, vol. 58, no. 4, 2015, pp. 431-440. [Online]. Available at: https://www.sciencedirect.com/science/article/abs/pii/S0007681315000373?via%3Dihub. Accessed on: Sep. 21, 2023. doi: https://doi.org/10.1016/j.bushor.2015.03.008.

T. Heer, O. Garcia-Morchon, R. Hummen, S. L. Keoh, S. S. Kumar, and K. Wehrle, “Security Challenges in the IP-based Internet of Things”, Wireless Personal Communications, vol. 61, no. 3, 2011, pp. 61-76. Online]. Available at: https://link.springer.com/article/10.1007/s11277-011-0385-5. Accessed on: Sep. 23, 2023. doi: https://doi.org/10.1007/s11277-011-0385-5.

United States Government, “Federal Public Key Infrastructure (PKI) Trust Infrastructure Overview”, Federal PKI Policy Authority. [Online]. Available at: https://www.idmanagement.gov/fpki. Accessed on: Aug. 23, 2023.

Ministry of Government Administration, Reform and Church Affairs, “Requirements specification for PKI in the public sector”. [Online]. Available at: https://www.regjeringen.no/en/dokumenter/requirements-specification-for-pki-in-th/id611085. Accessed on: Aug. 23, 2023.

C. Adams, and S. Lloyd, Understanding PKI: Concepts, Standards, and Deployment Considerations, Addison-Wesley Professional, 2002.

A. Alshehri, S. Alharbi, M. Khayyat, and O. Aboulola, “Global E-government Trends, Challenges and Opportunities”, SAR Journal, vol. 4(1), 2021, pp. 175-180. [Online]. Available at: https://www.sarjournal.com/content/44/SARJournalDecember2021_175_180.html. Accessed on: Aug. 23, 2023. doi: https://doi.org/10.18421/SAR44-04.

An exploration of public key infrastructure applications across diverse domains: a comparative analysis

Authors

DOI:

Keywords:

Abstract

Author Biographies

Oleksandr Dulia, Institute of Telecommunication Systems of the National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv

Dmytro Minochkin, Institute of Telecommunication Systems of the National Technical University of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv

References

Downloads

Published

How to Cite

Issue

Section

License

Make a Submission

Information