Public Key Infrastructure (PKI) - definition of metrics for process of choosing

Number of threats in the field of our cyber security has had significantly rising trend, every single user need to protect his or her data and especially their electronic identity. According to a security expert and cryptologist Bruce Schneier, a well-implemented Private Key Infrastructure (PKI) is the best way to protect our data and most importantly our identities. Theoretical part of this thesis covers the issue of asymmetric cryptography and its application in private key infrastructure, authentication and data protection based on electronic signature as well as its implementation into practice. This part is theoretical basis for asymmetric cryptography, encryption, cryptographic keys, digital certificates and electronic signature which has been used for practical part of this thesis. Next step is practical part that contains analysis of trends in cybercrime and determine some factors which have an influence on the probability of the cyber-attack and the cost of caused data breach. The main goal of this thesis is to define several metrics for process of choosing commercial PKI product for the middle enterprise. Current market can offer many different products for this service but defined metrics can help to find the right one. Those metrics create a metrics portfolio that is also applicable for different use cases. The final part is about practical application and verification of those goals on specific use case. This use case is based on a real business case and it demonstrates how to apply define metrics for the selection process of the right product. It can also show how to use the outputs from cybercrime analysis for argumentation at customer's side.