.
Data and information are valuable – they must therefore be protected. There can be value in ensuring that the authenticity of the data is guaranteed and verifiable, or that it is protected from being accessed (confidentiality). The FOITT's public key infrastructure (Swiss Government PKI) offers the basic technology for this.
In the physical world, information is protected by being certified in notarial deeds with embossed stamps/seals, or sealed in registered letters/safes. In the virtual world, authentication involves signing the data and locking it away through encryption.
The electronic solutions for authenticating and locking away data consist of algorithms with which mathematical procedures are applied to the data – so-called cryptographic procedures. These solutions work regardless of where the data is stored.
Much like in the physical world, keys and secure processes are used for this purpose. With these keys, data can be signed (certified) or encrypted (content is unreadable for unauthorised persons). The keys can also be used to log in to an application (authentication).
Which clients is the Confederation allowed to supply?
The FOITT's PKI makes such keys available to the Swiss authorities and organisations affiliated to the Confederation. In addition to the Federal Administration, these include the cantons, communes, police authorities and courts, for example.
Secure signatures, encryption and login
One example of use is the smart card that all federal employees use to log on to their notebooks. The electronic certificates on the smart card chip also allow emails to be encrypted and signed.
Another example is the electronic signing of documents, messages and data. Electronic signatures are a technical procedure for verifying that a document, electronic message or other electronic data has remained unchanged since it was signed, as well as the identity of the person who signed it. You can find further information here.
Certifications: security is central
The Swiss Government PKI is the centrepiece of the federal trust services and is used whenever confidentiality must be specifically ensured. The PKI keys are trusted because the PKI is designed and operated according to very specific rules. The focus is on compliance with these rules, which is why they are consistently checked by accredited bodies. The PKI is thus certified annually and the trustworthiness of the keys is documented.
§ The Swiss Government PKI is one of three certified Swiss providers that meet the stringent requirements of these certifications (ESigA, ETSI).
§ You can find an overview of Swiss Government PKI certifications at this link.