PKI products
The Infrastructure for Public Key-enabled Applications

SafeGuard PKI is the enabling technology needed for the generation, verification and management of certificates. It provides a secure platform and Public Key Infrastructure (PKI) for Public Key-enabled Applications (PKAs). Such applications allow, for example, a secure interchange of data and strong user authentication. Due to its flexibility and scalability, SafeGuard PKI Enterprise can easily be adapted to a wide range of security policies.
The Challenge

Transaction portals and business communities are the buzzwords in today’s B2B and B2C business world. Virtual Private Networks connect organizations and individuals on a global basis. Public authorities apply e-government. Thanks to the legislation regarding the value and recognition of digital signatures, paper documents are increasingly being replaced by electronic information exchange. These are all developments that have led many organizations to seriously consider issues like data security, access control and user identification. A Public Key Infrastructure (PKI) that generates and manages certificates is the infrastructure required for working with Public Key-enabled Applications (PKAs), such as:
• The SafeGuard Sign&Crypt product suite for applying encryption and digital signatures to messaging, data files, workflow systems, and document management
• SafeGuard Transaction Client and Server modules for adding trust to transaction processes by using digital signatures in your browser
• SafeGuard Toolkit for integrating security functions into existing applications
• Third-party certificate-based applications

The Product

With SafeGuard PKI Enterprise, Utimaco Safeware offers a PKI solution that makes certificate creation and management an easy process. It is both flexible and scalable and uses open standards, which have been accepted by the global Internet community. This makes SafeGuard PKI Enterprise a solution that matches any security policy, is open for future developments, and is ready to be integrated into virtually any ICT architecture.

Solid Basis for Security

SafeGuard PKI is the enabling technology to drive Utimaco Safeware applications, such as all of the SafeGuard Sign&Crypt applications, and SafeGuard Toolkit integrations. In addition, it can be used in combination with proprietary applications and third-party PKAs.

Easy Operation

SafeGuard PKI Enterprise forms a comprehensive PKI platform consisting of the components Certification Authority (CA), Registration Authority (RA), RA Web, RA Batch, Registration Point (RP), User Agent, Publication Agent (PA), Audit Server and Viewer, and RA Extension SDK. It offers easy operation and allows configurations with both central and/or decentralized key management.

Database Interaction

The Certification and Registration Authorities of SafeGuard PKI are able to access the directory systems of leading vendors by means of standard protocols and formats. SafeGuard PKI is also able to read and write to X.500 directories via LDAP, such as Critical Path InJoin, IBM SecureWay, Novell eDirectory, Netscape iPlanet and OpenLDAP.

Characteristics

The modular structure of SafeGuard PKI Enterprise provides a flexible platform to enable an ICT system for secure electronic communication.

Open Standards

Strict adherence to open standards (e.g. X.509, CRL, PKCS, PKIX and LDAP) is the basis for seamless interoperability with third-party PKI and PKA solutions. As a consequence, Utimaco Safeware’s PKI and PKA technology has been selected to provide the Reference Implementation for EEMA’s European Commission funded pki Challenge project.

Certification Authority

The Certification Authority of SafeGuard PKI Enterprise represents a server-based process with fully automatic operation. It runs on a protected Windows NT or Windows 2000 server and does not require any user intervention in normal operation. Maximum security can be achieved in combination with tamper-proof HSMs (Hardware Security Modules) such as the CryptoServer 2000 or the IBM 4758 HSM.

Registration Authority

The Registration Authority of SafeGuard PKI Enterprise serves to enter and verify user identities, to generate certificate requests and to send renewal or revocation requests. Keys can be provided on a security token (smart card) or as a PKCS#12 file. It is possible to maintain multiple Registration Authorities, which may run on different machines. Selection can be made from the interactive, batch (for automatically processing large volumes of requests) and web interfaces.
Registration Points and User Agents

Registration Points and User Agents allow decentralized key generation. With the User Agent, users can completely manage their certificates.

Publication Agent

The SafeGuard Publication Agent is located at the Certification Agent side of the system and publishes certificates and/or certificate revocation lists to the directory system. It adds another layer to the PKI architecture, so the CA does not need to be connected to the external network/Internet.

Audit Server

The SafeGuard Audit Server securely logs CA and PA events into databases that can be examined using the Audit Viewer application.

Specifications

Certification Authority:
• PKIX and TCP/IP-compatible
• X.509v3 extensions
• Generation and mailing of PIN codes
• Generation, certification, backup, recovery and revocation of key pairs and certificates
• Cross-certification with third-party CAs
• CA hierarchies
• Support of database systems such as Oracle (optional)
The CA also includes an Audit Server for securely logging all CA events.

Registration Authority:
• PKIX and TCP/IP-compatible
• Key and certificate storage in either smart card or PKCS#12 file
• Smart card issuing
• Publishing into X.500 directories
• Generation of certificates in batch mode
• CardMan support

User Agent:
• PKIX and TCP/IP-compatible
• Generation, update and renewal of user keys
• Key storage in either smart card or PKCS#12 file
• CardMan support
• Automatic expiration warning
• Changes of user PIN
• Local certificate management
Supported Operating Systems

Certification Authority and Publication Agent:
• Microsoft Windows NT version 4.0
• Microsoft Windows 2000

Registration Authority, Registration Points and User Agent:
• Microsoft Windows 98
• Microsoft Windows Me
• Microsoft Windows NT version 4.0
• Microsoft Windows 2000

Supported Applications

• X.509 certificate-enabled applications
• All SafeGuard Sign&Crypt products
• SafeGuard Transaction Client
• SafeGuard Toolkit
• SafeGuard Advanced Security with Authentication Extensions
• Smart card Personalization
• SafeGuard Advanced Security
• SafeGuard LAN Crypt

Supported Hardware

• CryptoServer 2000
• IBM 4758 HSM
• CardMan product family
• Privilege smart card printer P310
• PKCS#11-based smart cards and tokens