Public Key Infrastructure (PKI)
ICA offers a range of PKI consulting services designed to identify if and where PKI may be appropriate for your business and then to
design and implement the solutions. ICA works closely with customers on projects and can provide services ranging from specialist '
advice to turnkey solutions.
A typical PKI project lifecycle includes:
1. Opportunity Assessment and Business Case Development
In this stage the current and planned electronic systems that require strong user identification are identified and reviewed.
The purpose of the identification is reviewed (employee, business partner, customer, public etc) along with potential PKI
solutions (internal, outsourced, gatekeeper compliant etc).
A high level implementation schedule is developed along with budgetary costs for the system. This information is included in a
business case for the use of PKI in the organisation.
2. Analysis and Design
In this stage the requirements for PKI are analysed in more detail and a design is produced for the system.
This design includes:
• Policies and procedures for issuing, managing and revoking certificates, certificate practice statement etc
• System interfaces to the PKI system including changes to authentication and authorisation systems
• If the PKI system is to be hosted internally, the configuration of the system
• Operational design for the on-going systems operation of PKI
• Training requirements for internal and external users
• Audit and compliance processes to be implemented with PKI
3. Implementation
In the implementation stage the PKI system is developed according to the design of the system. The implementation usually includes:
• Development and testing of all technical components of the system
• Definition and testing of processes associated with PKI
• Training of internal and external users
• Conduct of a pilot or proof of concept to refine procedures and the system before large scale roll-out
• Conduct of a pre-implementation audit of the system by a knowledgeable third party
