 | 
 Public Key Infrastructures (PKI) is the enabling technology that makes sharing secure data possible. Simply stated, PKI is a computing infrastructure that supports authentication, encryption, and digital signatures based on a mathematical algorithm that uses a pair of prime numbers to encrypt and decrypt data. One of the numbers is considered a "private key" and the other a "public key". Only the owner "knows" their private key, and their public key is published. Public keys are published in the form of Digital Certificates that contain other information, like the identity of the person, how the certificate can be used, when they expire, etc. Certification Authorities issue digital certificates and provide information on how to verify the validity of the certificates. Digital certificates and private keys can be stored in hardware "tokens" the user physically possesses. However, by itself, PKI doesn't provide a business solution. Business computer systems must work with the PKI to perform useful work. LabWare is working to make PKI easy to implement and use in a laboratory setting.
LabWare LIMS incorporates PKI into LIMS in several ways:
Digital signatures can be used to sign LIMS data that is published in PDF format using a PKI compliant plug-in developed by LabWare. This allows data to be shared in an open systems environment.
In addition, LIMS uses Rainbow iKey 1000 or 2000 tokens to identify the user any time data is written to the database. Upon logon the token is challenged and when data is written the serial number is verified to ensure the same token is present. The audit trail is encrypted using MSCAPI to ensure it cannot be tampered with. This is done using symmetric encryption with a secret key owned by the application. |