Storing PKI credentials

In PKI systems, certificates and private keys must be protected and managed carefully because they enable a range of security applications and business processes. Anyone with access to the private keys can be assumed to be the owner and will be able to act on the owner’s behalf. Alternatively, denial of service could result from compromising the certificate. As a result, one of the most important policy decisions is the method of storing and protecting these credentials – the solution directly affects the security of network assets and the entire organization.

Private keys and certificates can be stored in PC disk memory (“soft certificates”) or externally on user-centric hardware such as a smart card device (“hardware certificates”).

Factors to consider in determining the best approach include usability, data value and content, and compliance needs. Keys and certificates used for high-value transactions require more protection than those used for routine or non-confidential information. The need to protect customer information is also an important consideration, and several regulations define specific security measures, including the European Union (EU) Data Protection Directive, the Gramm-Leach-Bliley Act and the Health Information Privacy and Accountability Act.
