Public Key Infrastructure: The Broad Enabler of Collaborative Trust

Increasingly, both people and information systems must easily and securely exchange information in cyberspace among entities they "know" can be trusted. A public key infrastructure (PKI) consists of agreed upon processes whereby certifying authorities explicitly identify entities, bind an identifier to each entity and certify that the digital credential for each entity contains a public key that matches only a specific private key under the sole control of the identified entity. Such digital IDs ensure the trustworthiness of identity assertions exchanged among identity and resource provider systems operated by institutions bound together in Identity Federations. Persons granted PKI-issued, digital IDs have the ability to strongly authenticate their identities to access restricted resources, apply digital signatures to email and other electronic documents, verify the integrity of electronic documents, and create and send documents that can be viewed only by intended recipients. These and other capabilities are indispensable to collaborative interactions in cyberspace - particularly to those associated with health care.