How does Public Key Infrastructure (PKI) support non-repudiation of users and devices?

Public Key Infrastructure (PKI) supports non-repudiation through the use of digital signatures, which are created by encrypting data with a user's private key. When a user signs a document or a transaction with their private key, that signature can be verified by anyone who has access to the corresponding public key. This means that the signer cannot later deny having signed the document, as the signature is uniquely tied to their private key.

In this context, non-repudiation acts as a safeguard, confirming that the originator of the data (whether a user or a device) cannot dispute their involvement. The cryptographic relationship established between the public and private keys is fundamental to establishing this level of accountability in digital communications.

In contrast, the other options do not directly address the principle of non-repudiation. Ensuring failover capacity relates to system reliability rather than accountability. Monitoring systems for downtime is focused on operational integrity, and updating encryption algorithms is important for maintaining security but does not directly relate to the concept of non-repudiation. Thus, the correct answer successfully highlights the critical aspect of digital signatures in PKI that ensures users and devices cannot later deny their actions.