
The Study of Digital Certificate Applied to Authentication in Taiwan

Advisor: 林耀欽

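Abstract


In an open network environment, how can a user's identity and privileges be confirmed, and the security of network applications be ensured, including the privacy and integrity of transmitted data, authentication of identity, and non-repudiation? The networked society is full of uncertain identities. Traditional account-and-password authentication seems to be at constant risk of being misused or stolen, and it cannot effectively confirm that the user is the person they claim to be, so more and more alternative authentication protocols and methods are being proposed for discussion and use. For reasons of security and legal protection (the Electronic Signatures Act), most current methods of authentication on the network incorporate a Public Key Infrastructure (PKI) authentication mechanism. Users obtain proof of their network identity through digital certificates issued by a Certification Authority (CA). Many government CAs in Taiwan already issue digital certificates to the populations they serve, and users and enterprises are beginning to hold their own network identity cards. In applying digital certificates to authentication, however, the first consideration is identity management for digital certificates: how a network application system links a digital certificate to the identity account the system knows. The second, and more important, consideration is authentication with digital certificates: how a network application system confirms the authenticity and validity of a digital certificate. The main purpose of this study is to propose a model for an identity authentication management system based on digital certificates. Besides being applicable to authenticating both an enterprise's internal employees and external users, the model also provides the considerations and practices needed for the operational requirements of digital certificates issued by different CAs, in order to solve the problems described above that enterprises commonly encounter when planning and building an authentication mechanism.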

Parallel Abstract


In the open world of the Internet, where identities are widely exposed, how can users' identities be properly authenticated and authorized while ensuring security, especially with respect to privacy, integrity, authentication and non-repudiation? There are a great many unknown identities on the Internet. The traditional way of authenticating with a username and password is no longer really secure, since credentials can easily be stolen or hacked. As a result, it is difficult to prove the authenticity of an identity even when the user has authenticated successfully. Many different standards on this topic are under discussion. Nowadays, most authentication used on the Internet integrates with PKI (Public Key Infrastructure) for better security and legal protection. Users can obtain digital certificates from a CA (Certification Authority) to identify themselves on the Internet. Many government CAs in Taiwan have already deployed a PKI, each targeting its own domain, and enterprises also deploy their own internal PKI. But in deploying PKI and issuing certificates to users, enterprises need to consider how the certificates are managed and how to integrate them with the authentication of existing Internet applications; more importantly, Internet applications have to ensure each certificate's authenticity and validity. The main aim of this research is to propose an authentication model based on the concepts of PKI and digital certificates. The model is applicable both to PKI deployed internally in enterprises and to the different Certification Authorities found in society, so that it overcomes the commonly seen problems of authenticity, validity and integration described above.


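Cited by


廖喬思 (2010). Application of a certificate mechanism to the prevention of telephone fraud [Master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2010.03057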
