Public Key Infrastructure (PKI) is mostly about managing secure digital identities that enable ways to protect data and know the subject’s (a subject could be anything such as a computer, a person, a router or a service) identity when sharing information
over untrusted networks. PKI is essential to most businesses and their applications today.
What is Public Key Infrastructure (PKI)?
Challenges when adopting a cloud-based PKI model
Considering Cloud-based PKI
Options for Cloud-based PKI models
This is the simplest model for cloud-based PKI to deploy and can be useful for small scale business models. In this approach Root CA is placed on-prem and offline the same way it is done for the traditional PKI. Issuing CA is kept on the cloud and acts
as a primary enterprise CA which issues certificates to the end-entities. Here, we leverage the cloud providers to provide management and availability for the virtual machines and certificate authorities.
Two Tier hybrid Model
Three Tier Model
Three Tier Hybrid Model
The cost of a cloud-based PKI
Parnashree Saha is a data protection senior consultant at Encryption Consulting LLC working with PKI, AWS cryptographic services, GCP cryptographic services, and other data protection solutions.