Swiss Government PKI - Intro
Data and information are valuable – they must therefore be protected. There can be value in ensuring that the authenticity of the data is guaranteed and verifiable, or that it is protected from being accessed (confidentiality). The FOITT's public key infrastructure (Swiss Government PKI) offers the basic technology for this.
The Swiss Government PKI
In the physical world, information is protected by being certified in notarial deeds with embossed stamps/seals, or sealed in registered letters/safes. In the virtual world, notarisation involves signing the data and locking it away through encryption. The electronic solutions for signing and encrypting data consist of algorithms with which mathematical procedures are applied to the data – so-called cryptographic procedures. These solutions work regardless of where the data is stored.
Similar to the physical world, keys and secured processes are used for these procedures. The keys can also be used to register with an application (authentication). The FOITT's PKI makes such keys available to the Swiss authorities and organisations affiliated to the Confederation. In addition to the Federal Administration, these include the cantons, police authorities and courts, for example.
Secure signatures, encryption and login
One example of use is the smartcard that all federal employees use to log on to their notebooks. The electronic certificates on the smart card chip also allow emails to be encrypted and signed. Another example is the electronic signing of documents, messages and data. Electronic signatures are a technical procedure for verifying that a document, electronic message or other electronic data has remained unchanged since it was signed, as well as the identity of the person who signed it.
- Offer description: Electronic signature
Security is central
The Swiss Government PKI is the centrepiece of the federal trust services and is used whenever confidentiality must be specifically ensured. The PKI keys are trusted because the PKI is designed and operated according to very specific rules. The focus is on compliance with these rules, which is why they are consistently checked by accredited bodies. The PKI is thus certified annually and the trustworthiness of the keys is documented. The Swiss Government PKI is one of three certified Swiss providers that meet the stringent requirements of these certifications.