The trusted security provider to your trusted security provider
|
|
- Jesse Daniels
- 5 years ago
- Views:
Transcription
1 1 R
2 ABOUT CRYPTSOFT The trusted security provider to your trusted security provider CRYPTSOFT is a privately held Australian company that operates worldwide in the enterprise key management security market. Cryptsoft s Key Management Interoperability Protocol (KMIP) and PKCS#11 software development kits (SDKs) are the market s preferred OEM solutions. Cryptsoft s solutions have been selected by prominent global companies for interoperable enterprise key management and encryption technology in their storage, infrastructure & security and cloud products. Cryptsoft is committed to the development of standards based security software and is an OASIS Foundational Sponsor, SNIA and SSIF Voting Member. CRYPTSOFT S valued customers include: SALES.COM
3 I DIDN T KNOW YOU DID THAT? KMIP adoption KMIP embedded in major enterprise products STORAGE INFRASTRUCTURE & SECURITY CLOUD Disk Arrays, Flash Storage Arrays NAS Appliances Tape Libraries, Virtual Tape Libraries Encrypting Switches Storage Key Managers Storage Controllers Storage Operating Systems Key Managers Hardware Security odules Encryption Gateways Virtualization Managers Virtual Storage Controllers Network Computing Appliances Secure Application Development Key Managers Compliance Platforms Information Managers Enterprise Gateways and Security Enterprise Authentication Endpoint Security Financial Services Applications Banking Applications SALES.COM
4 Selecting a KMIP Vendor Questions to ask vendors KMIP is an established OASIS standard but not all vendors are suitable to deliver your critical business needs. The following are questions that customers need to ask vendors of KMIP products to ensure that they get a secure, flexible and standards compliant KMIP product that will meet their current and future needs. Open Standards KMIP Support Question Does the vendor participate in open key management standards? Does the vendor offer an open standard in their currently shipping servers? Does the vendor offer an open standard in their key management clients? Does the vendor actually use the open standard in their integrations? Does the vendor offer support for OASIS? KMIP 1.0? KMIP 1.1? KMIP 1.2? KMIP 1.3? KMIP 1.4? Are all KMIP Profiles Supported? Other Ability to support your development? Does the vendor provide an SDK for application integration? Which programming languages are supported: - ANSI C? - C++? - C-Sharp (C#)? - Java? - Python? Are these supported on multiple platforms? Is there support for standard Web integration? Is source for the SDK provided or able to be purchased? Interoperability Audit/ Analytics/ Compliance Does the vendor participate in open interoperability demonstrations? Is all claimed KMIP functionality support independently verified? Are independent testing reports available? Can a customer easily repeat the claimed interoperability testing? Are interoperability servers internet available for testing? Are Standard secure Web Proxies supported for navigation of gateways/ firewalls? Are all operations on a KMIP server able to be recorded for: - Audit? - Analytics? - Compliance? Can third-party clients be monitored? SALES.COM
5 Key Management SDKs Complete vendor-independent key management solution Cryptsoft s Key Management SDKs enable rapid addition of interoperable key management functionality to your existing products. Providing both Client and Server SDKs, Cryptsoft KMIP SDKs have been integrated into the majority of all KMIP products on the market today, eliminating the need for rework to interact with another vendor s endpoint. Key Features Full OASIS KMIP compliance Versions: 1.0, 1.1, 1.2, 1.3*, 1.4 Guaranteed interoperability With all released KMIP products Cross-Language Support Clients in C, Java, C-Sharp, C++ and Python Servers in C and Java As the security market s preferred KMIP vendor, Cryptsoft has the technology and the relationships to ensure your product delivers its maximum potential. Using the Cryptsoft SDKs in ANSI C, Java, C-Sharp, C++ and Python, you can support KMIP key management protocols with a single, consistent interface and provide your customers with a complete vendor-independent key management solution. Clients Servers KMIP KEY MANAGEMENT INTEROPERABILITY PROTOCOL SALES.COM
6 KMIP Key Management Interoperability SDKs Test Suite Complete vendor-independent key management solution Client SDK Products KMIP C Client SDK KMIP Java Client SDK KMIP C-Sharp Client SDK KMIP C++ Client SDK KMIP Python Client SDK KMIP C Client Layered Protocol SDKs for Proprietary Protocols KMIP C Client PKCS11 Adapter KMIP C Client Oracle TDE & Microsoft BitLocker KMIP C Client Layered Protocol SDK KMIP C Interoperability Test Suite KMIP Java Interoperability Test Suite Online Test Service (XML/JSON) Server SDK Products KMIP C Server SDK KMIP Java Server SDK KMIP Alert Server SDK KMIP Server VM Subscription (Annual - C or Java) KMIP Server Administration Interface (for C or Java Server SDK) KMIP C Proxy Servers for Proprietary Protocols KMIP C Server Integration Modules (PKCS11, HSM, RNG) KMIP C Server OTP Server Module KMIP C Server Integration Module (Audit/Analytics/Compliance) Features Comprehensive example code Source licence option Supports KMIP v1.0, v1.1, v1.2, and v1.3*, 1.4 Supports proprietary key management protocols (optional plugins to C SDK) Supported Hardware Security Modules and Random Number Generators ID Quantique - Quantis USB (RNG) [Vendor] ID Quantique - Quantis PCI (RNG) [Vendor] ID Quantique - Quantis PCIe (RNG) [Vendor] Feitian - epass [PKCS#11] Oracle - SCA6000 [PKCS#11] SafeNet - Luna SA4/SA5 (RNG/HSM) [PKCS#11] SafeNet - Luna CA (RNG/HSM) [PKCS#11] SafeNet - Luna PCI (RNG/HSM) [PKCS#11] SafeNet - Protect Server (RNG/HSM) [PKCS#11] Thales e-security - nshield Connect (RNG/HSM) [PKCS#11] Thales e-security - nshield Edge (RNG/HSM) [PKCS#11] Thales e-security - nshield Solo (RNG/HSM) [PKCS#11] Utimaco CryptoServer CSe10 PCIe/LAN (RNG/HSM) [PKCS#11] Utimaco CryptoServer CSe100 PCIe/LAN (RNG/HSM) [PKCS#11] Supported One Time Password Devices Android [OATH-TOTP] [Soft Token] Cryptsoft [OATH-TOTP] Feitian [OATH-HOTP/TOTP] Apple [OATH-TOTP] [Soft Token] Mi-Token [OATH-TOTP] [Soft Token] RSA Security SecurID [SecurID] Litheware Tombé [OATH-HOTP] [YubiKey] Yubico [OATH-HOTP/TOTP] [YubiKey] Supported Databases Oracle MySQL Oracle Database Microsoft SQL Server SQLite IBM DB2 PostgreSQL Embedded (lightweight) HSQLDB java SALES.COM
7 KMIP Client SDKs C, C++, C#, Java, Python A complete range of vendor-independent key management solutions Cryptsoft s Key Management Interoperability Protocol (KMIP) SDKs let you rapidly add interoperable, standards-based, enterprise key management capability to your existing applications. Reduce time to market, KMIP-enable your solution within days, not months, using our comprehensive collection of example code provided by the market leader in key management SDKs. From specialised embedded systems through to scalable, whole of enterprise solutions, your KMIP SDK license is backed by a global support network, offering a total key management solution. Key Features Full OASIS KMIP compliance Versions: 1.0, 1.1, 1.2, 1.3*, 1.4 Guaranteed interoperability With all released KMIP server products Extensive range of supported platforms Custom platform ports on request Available as a binary SDK Source license option Comprehensive example code Custom examples available - rapid integration Supported on over 35 different platforms Including Linux, Windows, Embedded KMIP KEY MANAGEMENT INTEROPERABILITY PROTOCOL KMIP Server SDKs c java KMIP Client SDK KMIP Client SDKs ckmip c++ cserver # java SDKpython SALES.COM
8 KMIP Client SDKs C, C++, C#, Java, Python KMIP Client Examples Simple Protocol Format Parsing TTLV, HEX, BIN, JSON, XML Simple Servers Query, Notify, Put Simple Clients Locate Objects, Create and Return Objects Locating Managed Objects Simple, Extended, IBM TKLM/SKLM, XML KMIP Standard Operations Create, Register, Destroy, Get, Get Attribute List, Get Attributes, Create Key Pair, Re-key, Re-key Key Pair 1.1, Archive, Recover, Activate, Derive Key Creating Keys Simple, Advanced, Extensions Supported KMIP Profiles Advanced Cryptographic Client 1.2 Advanced Symmetric Key Foundry Client Asymmetric Key Lifecycle Client Baseline Client Basic Baseline Client TLS v1.2 Basic Cryptographic Client 1.2 Supported KMIP Operations Activate Add Attribute Archive Cancel Certify Check Create Create Key Pair Create Split Key 1.2 Decrypt 1.2 Delete Attribute Derive Key Destroy Discover Versions 1.1 Managing Attributes Add, Modify, Delete Attribute Linear Tape Open (LTO) LTO-4 Key Management, LTO-5/6 Key Management, KAD, AKAD, UKAD naming, Generic LTO-4 Random Number Generator (RNG) 1.2 Retrieve Server RNG, Seed Server RNG Server Cryptographic Operations 1.2 Encrypt, Decrypt, Sign, Signature Verify MAC, MAC Verify, Hash Determine Capabilities Server SDK Version, Discover Protocol Versions 1.1, Query Server Basic, Query Server Extensions 1.1, Query Advanced Capabilities 1.3 Basic Symmetric Key Foundry Client HTTPS Client Intermediate Symmetric Key Foundry Client JSON Client Opaque Managed Object Store Client RNG Cryptographic Client 1.2 Encrypt 1.2 Get Get Attribute List Get Attributes Get Usage Allocation Hash 1.2 Join Split Key 1.2 Locate MAC 1.2 MAC Verify 1.2 Modify Attribute Notify Obtain Lease Poll Split Key (Multi-Party Controls) 1.2 Create Split Key, Join Split Key Cryptsoft Vendor Extensions SQL Insert, SQL Update, SQL Delete Generic Multi-protocol Key Handling c c++ Get Key, Put Key, Del Key Request/Response Handling Recording, Replaying, Batching, Bulk Data Loading Client Credential Handling Password-protected TLS Credentials Device Credentials, IBM TKLM/SKLM Storage Array With SED Client Suite-B MinLOS_128 Client Suite-B MinLOS_192 Client Symmetric Key Lifecycle Client Tape Library Client XML Client Put Register Register Query Re-certify Recover Re-key Re-key Key Pair 1.1 Revoke RNG Retrieve 1.2 RNG Seed 1.2 Sign 1.2 Signature Verify 1.2 Validate KMIP Object Types Certificate Opaque Object PGP Key Private Key Public Key Secret Key Supported Encodings TTLV HTTPS/TTLV HTTPS/JSON HTTPS/XML Split Key Symmetric Key Template Supported KMIP Servers Supported Cryptographic Providers OpenSSL 1.0.x OpenSSL FIPS 2.0 OpenSSL (option) Sun/Oracle JCE IBM JCE RSA BSAFE MES 3.x, 4.x (option) RSA BSAFE Share-C (option) RSA BSAFE Crypto-J Bouncy Castle JCE SALES.COM
9 KMIP Server SDKs C and Java A complete range of vendor-independent key management solutions Cryptsoft s Key Management Interoperability Protocol (KMIP) SDKs let you rapidly add interoperable, standards-based, enterprise key management capability to your existing applications. Reduce time to market, KMIP-enable your solution within days, not months, using our comprehensive collection of example code provided by the market leader in key management SDKs. From specialised embedded systems through to scalable, whole of enterprise solutions, your KMIP SDK license is backed by a global support network, offering a total key management solution. Key Features Full OASIS KMIP compliance Versions: 1.0, 1.1, 1.2, 1.3*, 1.4 Guaranteed interoperability With all released KMIP server products Extensive range of supported platforms Custom platform ports on request Available as a binary SDK Source license option Comprehensive example code Custom examples available - rapid integration Supported on over 35 different platforms Including Linux, Windows, Embedded KMIP KEY MANAGEMENT INTEROPERABILITY PROTOCOL KMIP Server SDKs c java KMIP Client SDK KMIP Client SDKs ckmip c++ cserver # java SDKpython SALES.COM
10 KMIP Server SDKs C and Java KMIP Server Examples Simple Protocol Format Parsing Managing Attributes TTLV, HEX, BIN, JSON, XML Add, Modify, Delete Attribute Simple Clients Operations Random Number Generator (RNG) 1.2 Locate Objects, Create and Return Objects Retrieve Server RNG, Seed Server RNG Locating Managed Objects Split Key (Multi-Party Controls) 1.2 Simple, Extended, IBM TKLM/SKLM, Create Split Key, Join Split Key XML Creating Keys KMIP Standard Operations Simple, Advanced, Extensions Create, Register, Destroy, Get, Get Attribute Determine Capabilities List, Get Attributes, Create Key Pair, Rekey, Re-key Key Pair 1.1, Archive, Recover, Versions 1.1, Query Server Basic, Query Server SDK Version, Discover Protocol Activate, Derive Key Server Extensions 1.1, Server Cryptographic Operations 1.2 Query Advanced Capabilities 1.3 Encrypt, Decrypt, Sign, Signature Verify, MAC, MAC Verify, Hash Supported KMIP Profiles Advanced Cryptographic Server 1.2 Advanced Symmetric Key Foundry Server Asymmetric Key Lifecycle Server Baseline Server Basic Baseline Server TLS v1.2 Basic Cryptographic Server 1.2 Basic Symmetric Key Foundry Server HTTPS Server Intermediate Symmetric Key Foundry Server JSON Server Opaque Managed Object Store Server RNG Cryptographic Server 1.2 Cryptsoft Vendor Extensions SQL Insert, SQL Update, SQL Delete Request/Response Handling Recording, Replaying, Batching, Bulk Data Loading Administration Create, Modify, Delete Users, Partitions, Groups, Manage Group Privileges, Serialize, Deserialize Managed Objects Database Schema Management and Migration Fixture Loading, SQL Replay Simple Servers Query, Notify, Put JCE Examples Key Store Provider Storage Array With SED Server Suite-B MinLOS_128 Server Suite-B MinLOS_192 Server Symmetric Key Lifecycle Server Tape Library Server XML Server Supported KMIP Operations Activate Add Attribute Archive Cancel Certify Check Create Create Key Pair Create Split Key 1.2 Decrypt 1.2 Delete Attribute Derive Key Destroy Discover Versions 1.1 Encrypt 1.2 Get Get Attribute List Get Attributes Get Usage Allocation Hash 1.2 Join Split Key 1.2 Locate MAC 1.2 MAC Verify 1.2 Modify Attribute Notify Obtain Lease Poll Put Register Register Query Re-certify Recover Re-Key Re-key Key Pair 1.1 Revoke RNG Retrieve 1.2 RNG Seed 1.2 Sign 1.2 Signature Verify 1.2 Validate Supported Databases Supported Cryptographic Providers Supported Encodings HSQLDB SQLite3 MySQL 5.x Oracle 11.x, 12.x SQL Server IBM DB2 9 & 10 PostgreSQL 8 & 9 Supported KMIP Clients OpenSSL 1.0.x OpenSSL (option) OpenSSL FIPS 2.0 Sun/Oracle JCE IBM JCE RSA BSAFE Crypto-J Bouncy Castle JCE TTLV HTTPS/TTLV HTTPS/JSON HTTPS/XML SALES.COM
11 KMIP C Server Optional Modules Audit, Analytics and Compliance for KMIP Cryptsoft s KMIP C Server Integration Module lets you rapidly add Auditing, Analytics or Compliance features to your KMIP solution. Designed as a component for Cryptsoft s KMIP C Server SDK this allows configurable data collection features for all KMIP compliant key operations allowing your enterprise to Analyze, Audit or ensure the compliance of your key management solution. Cryptsoft s KMIP C Server Integration Module allows all operations from KMIP Servers and Clients that perform key operations on the KMIP server to be recorded and subsequently be interrogated by the Audit, Analytics or Compliance functions in real-time or processed in batch mode to inform operations staff of the performance characteristics of the solution. Key Features Full OASIS KMIP compliance Versions: 1.0, 1.1, 1.2, 1.3*, 1.4 Guaranteed interoperability With all released KMIP server products Extensive range of supported platforms Custom platform ports on request Comprehensive example code Custom examples available - rapid integration Supported on over 35 different platforms Including Linux, Windows, Embedded KMIP Clients or Servers that request key operations from a KMIP Server with the KMIP C Server Integration Module operating do not require special features enabled to enable these enhanced features allowing vendor-independent Audit, Analytics or compliance management without replacing existing end points. Clients KMIP KEY MANAGEMENT INTEROPERABILITY PROTOCOL SALES.COM
12 KMIP C Server Optional Modules Audit, Analytics and Compliance for KMIP The Audit option allows for the systematic and independent examination of records of key operations in an organization to ascertain to what degree the operational reports present a true and fair view of the security of key operations. Server Performance The Analytics option allows for the discovery and communication of meaningful patterns within the audited key operations. This option is available in real-time on the KMIP Server Administration Interface or may be extracted as a scheduled or adhoc data extract for analysis using client tools. Compliance monitors the KMIP operations in a KMIP server to determine whether the key operations undertaken in the enterprise meets stated company policy, and will raise alerts when a threshold of noncompliant operations is performed or acted upon by the server. Invalid Key Requests Supported KMIP Operations Activate Add Attribute Archive Cancel Certify Check Create Create Key Pair Create Split Key 1.2 Decrypt 1.2 Delete Attribute Derive Key Destroy Discover Versions 1.1 Encrypt 1.2 Get Get Attribute List Get Attributes Get Usage Allocation Hash 1.2 Join Split Key 1.2 Year 1 Year 2 Locate MAC 1.2 MAC Verify 1.2 Modify Attribute Notify Obtain Lease Poll Year 3 Put Register Register Query Re-certify Recover Re-Key Re-key Key Pair 1.1 Year 4 Year 5 Revoke RNG Retrieve 1.2 RNG Seed 1.2 Sign 1.2 Signature Verify 1.2 Validate Supported Databases HSQLDB SQLite3 MySQL 5.x Oracle 11.x, 12.x SQL Server IBM DB2 9 & 10 PostgreSQL 8 & 9 SALES.COM
13 # Test ID % & SKFF-M-1-10 SKFF-M-2-10 SKFF-M-3-10 SKFF-M-4-10 SKFF-M-5-10 SKFF-M-6-10 SKFF-M-7-10 SKFF-M-8-10 SKFF-M-9-10 SKFF-M % 25% 5% 12% 15% 20% 18% 5% 20% 10% KMIP Interoperability Test Suite Complete verification solution Cryptsoft s Key Management Interoperability Protocol Test Suites (KXUC) let you rapidly confirm the interoperability status of your product. Reduce time to market and release with the confidence provided by data driven testing. Backed by a global support network, Cryptsoft s KMIP SDKs offer a total key management solution. Key Features Full OASIS KMIP compliance Versions: 1.0, 1.1, 1.2, 1.3*, 1.4 Available as a binary SDK or as a service Source license option Comprehensive test cases KMIP Test Cases and KMIP Profile Test Cases KMIP TEST CASES KMIP PROFILES Define Analyse KXUC C KXUC Java KXUC Web KXUC Cloud Transform Execute Test Report SALES.COM
14 KMIP Interoperability Test Suite Complete verification solution TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC-NP-1-10 TC-NP-2-10 TC-ECC-1-10 TC-ECC-2-10 KMIP v1.0 TC-ECC-3-10 SKFF-M-1-10 SKFF-M-2-10 SKFF-M-3-10 SKFF-M-4-10 SKFF-M-5-10 SKFF-M-6-10 SKFF-M-7-10 SKFF-M-8-10 SKFF-M-9-10 SKFF-M SKFF-M SKFF-M SKFF-O-1-10 SKFF-O-2-10 SKFF-O-3-10 SKFF-O-4-10 SKFF-O-5-10 SKFF-O-6-10 SKLC-M-1-10 SKLC-M-2-10 SKLC-M-3-10 SKLC-O-1-10 AKLC-M-1-10 AKLC-M-2-10 AKLC-M-3-10 AKLC-O-1-10 OMOS-M-1-10 SASED-M-1-10 SASED-M-2-10 SASED-M-3-10 TL-M-1-10 TL-M-2-10 TL-M-3-10 MSGENC-HTTPS-M-1-10 MSGENC-JSON-M-1-10 MSGENC-XML-M-1-10 SUITEB-128-M-1-10 SUITEB-192-M-1-10 TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC KMIP v1.1 TC TC TC TC-NP-1-11 TC-NP-2-11 TC-ECC-1-11 TC-ECC-2-11 TC-ECC-3-11 SKFF-M-1-11 SKFF-M-2-11 SKFF-M-3-11 SKFF-M-4-11 SKFF-M-5-11 SKFF-M-6-11 SKFF-M-7-11 SKFF-M-8-11 SKFF-M-9-11 SKFF-M SKFF-M SKFF-M SKFF-O-1-11 SKFF-O-2-11 SKFF-O-3-11 SKFF-O-4-11 SKFF-O-5-11 SKFF-O-6-11 SKLC-M-1-11 SKLC-M-2-11 SKLC-M-3-11 SKLC-O-1-11 AKLC-M-1-11 AKLC-M-2-11 AKLC-M-3-11 AKLC-O-1-11 OMOS-M-1-11 OMOS-O-1-11 SASED-M-1-11 SASED-M-2-11 SASED-M-3-11 TL-M-1-11 TL-M-2-11 TL-M-3-11 MSGENC-HTTPS-M-1-11 MSGENC-JSON-M-1-11 MSGENC-XML-M-1-11 SUITEB-128-M-1-11 SUITEB-192-M-1-11 TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC TC-NP-1-12 TC-NP-2-12 TC-ECC-1-12 TC-ECC-2-12 TC-ECC-3-12 TC-PGP-1-12 TC-MDO-1-12 TC-MDO-2-12 TC-MDO-3-12 TC-SJ-1-12 TC-SJ-2-12 KMIP v1.2 TC-SJ-3-12 TC-SJ-4-12 SKFF-M-1-12 SKFF-M-2-12 SKFF-M-3-12 SKFF-M-4-12 SKFF-M-5-12 SKFF-M-6-12 SKFF-M-7-12 SKFF-M-8-12 SKFF-M-9-12 SKFF-M SKFF-M SKFF-M SKFF-O-1-12 SKFF-O-2-12 SKFF-O-3-12 SKFF-O-4-12 SKFF-O-5-12 SKFF-O-6-12 SKLC-M-1-12 SKLC-M-2-12 SKLC-M-3-12 SKLC-O-1-12 AKLC-M-1-12 AKLC-M-2-12 AKLC-M-3-12 AKLC-O-1-12 OMOS-M-1-12 OMOS-O-1-12 SASED-M-1-12 SASED-M-2-12 SASED-M-3-12 TL-M-1-12 TL-M-2-12 TL-M-3-12 MSGENC-HTTPS-M-1-12 MSGENC-JSON-M-1-12 MSGENC-XML-M-1-12 SUITEB-128-M-1-12 SUITEB-192-M-1-12 CS-BC-M-1-12 CS-BC-M-2-12 CS-BC-M-3-12 CS-BC-M-4-12 CS-BC-M-5-12 CS-BC-M-7-12 CS-BC-M-8-12 CS-BC-M-9-12 CS-BC-M CS-BC-M CS-BC-M CS-BC-M CS-BC-M CS-RNG-M-1-12 CS-RNG-O-1-12 CS-RNG-O-2-12 CS-RNG-O-3-12 CS-RNG-O-4-12 CS-AC-M-1-12 CS-AC-M-2-12 CS-AC-M-3-12 CS-AC-M-4-12 CS-AC-M-5-12 CS-AC-M-6-12 CS-AC-M-7-12 CS-AC-M-8-12 TC-CREG-2-13 TC-OFFSET-1-13 TC-OFFSET-2-13 TC-OTP-1-13 TC-OTP-2-13 TC-OTP-3-13 TC-Q-CAP-2-13 TC-Q-CREG-1-13 TC-Q-PROF-2-13 TC-Q-RNGS-2-13 TC-Q-VAL-1-13 TC-Q-S2C-1-13 KMIP v1.3 TC-Q-S2C-2-13 TC-Q-S2C-PROF-2-13 TC-STREAM-HASH-1-13 TC-STREAM-HASH-3-13 TC-RNG-ATTR-1-13 TC-RNG-ATTR-2-13 TC-STREAM-ENC-1-13 TC-STREAM-ENC-2-13 TC-STREAM-ENCDEC-1-13 KMIP v1.4 TC-PKCS TC-Q-CAP-3-14 TC-WRAP-1-14 TC-WRAP-2-14 TC-WRAP-3-14 SALES.COM
15 OTP Authentication Tokens Wirelessly programmable OTP tokens Cryptsoft and Feitian have collaborated to deliver a wirelessly programmable OATH compliant One- Time-Password (OTP) authentication token that is supported by Cryptsoft s OASIS Key Management Interoperability Protocol (KMIP) products. Cryptsoft s OTP solution is based on open standards and allows the enterprise to manage the full lifecycle of the seed records that underpin the security in an OTP solution. This ensures that only the enterprise has access to the seed records, and the enterprise has full control over the provisioning, usage, and de-provisioning of tokens. Key Features Strong two-factor authenticator Unique password generated each time OATH compliant time-based TOTP device Easy to integrate with third party systems Single-button OTP hardware token 6 or 8 character LCD OASIS KMIP integration Client authentication and seed provisioning OTP KMIP PKCS11 CR OTP KMIP PKCS11 CR-101 KMIP KEY MANAGEMENT INTEROPERABILITY PROTOCOL OTP with manufacturing test seed OTP Token wirelessly programmed with new seed from KMIP Server Enterprise Key Management Server SALES.COM
16 OTP Authentication Tokens Wirelessly programmable OTP tokens Time based One Time Password (TOTP) tokens provide users with a secure and reliable hardware device to integrate standards-based hardware two-factor authentication. Two-factor authentication with TOTP combines something you know (your password) with something you have (a unique number sequence generated by a hardware device). Both of these factors are required to authenticate which substantially improves the security properties when compared to a single factor authentication solution. The non-predictable six or eight digit token output is derived from both the secret seed record and the on-board real time clock (RTC). A single hardware token can be programmed for variable output (6 or 8 digits) and variable time intervals (30 or 60 seconds) ensuring a solution is easily tailored to your enterprise security context. Two (or more) tokens initialised with the same seed value can be used for person-to-person two-factor authentication entirely independent of any server infrastructure. The same seed record can also be loaded into software based TOTP solutions allowing for a mixed hardware and software deployment context. As tokens are now substantially more cost effective than in the past, each user can be issued with multiple tokens and replacement tokens in the case of token loss, enabling broader use of two-factor authentication within your enterprise. Algorithm Algorithm Class Hardware Input Hardware Display Hardware Serial Hardware Certificate Operating Temperature Storage Temperature Casing Physical Security Key Storage Data Retention Battery Lifecycle Endurance Humidity - OATH TOTP - Time-based - Built-in button Character LCD - Unique S/N - ROHS Compliant C to 50 C C to 70 C - Hard molded ABS - Tamper Evident - Static RAM - Lithium battery years - > 14,000 clicks - 5% to 90% SALES.COM
17 U2F Authentication Tokens FIDO compliant second factor authentication token Cryptsoft and Feitian have collaborated to deliver a Fast IDentity Online (FIDO) Universal Second Factor (U2F) authentication token that is supported by Cryptsoft s OASIS Key Management Interoperability Protocol (KMIP) products. Cryptsoft s U2F token meets the market demand for stronger privacy, security, and increased ease of use while avoiding the difficulties of using multiple usernames and passwords. Feitian s FIDO compliant authentication token brings the benefits of lower costs, stronger security, interoperability, and open standards, while also avoiding vendor lock-in and proprietary technology costs. Key Features One-Device-For-All One device secures multiple services, including services from Google, Yubico and Cryptsoft Privacy Service specific encryption keys No keys shared among service providers Security No phishing or man-in-the-middle attacks Easy to Use Just register once Press one button each time to authenticate No additional drivers or software required Wide Compatibility Works on Windows, Linux, OSX Universally identified as a USB HID device FIDO Alliance Compliant Second Factor Experience (U2F standards) Online Authorisation Request Local Device Authentication Success website Authenticated Login and Password Insert U2F Token, Press button Authenticated SALES.COM
18 U2F Authentication Tokens FIDO compliant second factor authentication token Why is FIDO Different? The FIDO U2F protocol uses standard public key cryptography techniques to provide stronger authentication. During registration with an online service, the user s client device creates a new key pair. It retains the private key and registers the public key with the online service. Authentication is done by the client device proving possession of the private key to the service by signing a challenge. The client s private keys can be used only after they are unlocked locally on the device by the user. The local unlock is accomplished by a user friendly and secure action such as swiping a finger, entering a PIN, speaking into a microphone, inserting a second factor device or pressing a button. The FIDO protocols are designed from the ground up to protect user privacy. The protocols do not provide information that can be used by different online services to collaborate and track a user across the services. U2F Registration Bank.com 1 4 website.com Lynn John D + Sue rence Rex Bryso 2 3 website Enter User Enter Password website john_d@ .com ******** User is prompted to choose an available FIDO authenticator that matches the online service s acceptance policy. User unlocks the FIDO authenticator using a fingerprint reader, a button on a second factor device, securely entered PIN or other method. User s device creates a new public/private key pair unique for the local device, online service and user s account. Public key is sent to the online service and associated with the user s account. The private key and any information about the local authentication method (such as biometric measurements or templates) never leave the local device. U2F Login Online service challenges the user to login with a previously registered device that matches the service s acceptance policy. Bank.com website Enter User Enter Password User unlocks the FIDO authenticator using the same method as at Registration time. 1 website.com 2 Device uses the user s account identifier provided by the service to select the correct key and sign the service s challenge. Lynn John D Sue website john_d@ .com ******** Client device sends the signed challenge back to the service, which verifies it with the stored public key and logs in the user. 4 Terence Rex Bryson 3 SALES.COM
19 The Cryptsoft Quality Management System is certified to ISO 9001:2008 Cryptsoft is an OASIS Foundational Sponsor and an active member and contributor to the KMIP and PKCS#11 technical committees KMIP STANDARD PKCS#11 STANDARD Cryptsoft is voting member of the Storage Networking Industry Association (SNIA) and the Storage Security Industry Forum (SSIF)
20 R SALES.COM 1
THE TRUSTED SECURITY PROVIDER TO YOUR TRUSTED SECURITY PROVIDER
R THE TRUSTED SECURITY PROVIDER TO YOUR TRUSTED SECURITY PROVIDER CRYPTSOFT is a privately held Australian company that operates worldwide in the enterprise key management security market. Cryptsoft s
More informationKey Management Interoperability Protocol (KMIP)
www.oasis-open.org Management Interoperability Protocol (KMIP) April 2 nd, 2009 1 Agenda The Need for Interoperable Management KMIP Overview KMIP Specification KMIP Use Cases 2 The Need for Interoperable
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationMulti-Vendor Key Management with KMIP
Multi-Vendor Key Management with KMIP Tim Hudson CTO & Technical Director tjh@cryptsoft.com 1 Abstract Practical experience from implementing KMIP and from deploying and interoperability testing multiple
More informationAXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure
AXIAD IDS CLOUD SOLUTION Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure Logical Access Use Cases ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS Corporate ID badge for physical
More informationContents. Notices Terms and conditions for product documentation.. 43 Trademarks Index iii
Overview IBM ii Overview Contents Product overview........... 1 What's new in this release.......... 1 License usage metrics........... 2 Supported languages........... 3 Features overview............
More informationSxS Authentication solution. - SXS
SxS Authentication solution. - SXS www.asseco.com/see SxS Single Point of Authentication Solution Asseco Authentication Server (SxS) is a two-factor authentication solution specifically designed to meet
More informationUnbound and Oasis KMIP Interoperability
Unbound and Oasis KMIP Interoperability Thad Roemer, Solutions Architect April 2018 What does KMIP do? Security Applications or Appliances Key Material & Metadata Transport KMIP Key Management Server Create,
More informationInteroperable Key Management for Storage. PRESENTATION TITLE GOES HERE Subhash Sankuratripa8, NetApp (Co- Chair KMIP) Tim Hudson, CryptsoD
Interoperable Key Management for Storage PRESENTATION TITLE GOES HERE Subhash Sankuratripa8, NetApp (Co- Chair KMIP) Tim Hudson, CryptsoD Abstract! A standard for interoperable key management exists but
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! Compliance, standards, and best practices! Encryption and
More informationKey Management Interoperability Protocol Profiles Version 1.4
Key Management Interoperability Protocol Profiles Version 1.4 OASIS Standard 22 November 2017 Specification URIs This version: http://docs.oasis-open.org/kmip/profiles/v1.4/os/kmip-profiles-v1.4-os.docx
More informationAdding value to your MS customers
Securing Microsoft Adding value to your MS customers Authentication - Identity Protection Hardware Security Modules DataSecure - Encryption and Control Disc Encryption Offering the broadest range of authentication,
More informationEchidna Concepts Guide
Salt Group Concepts Guide Version 15.1 May 2015 2015 Salt Group Proprietary Limited. All rights reserved. Information in this document is subject to change without notice. The software described in this
More informationMulG-Vendor Key Management with KMIP
MulG-Vendor Key Management with KMIP Tim Hudson CTO Cryptso2 tjh@cryptso2.com GS13A 19-May-2016 1:35pm Key Management 1000011010100100101100101010000010101000101001101001111010001100 Key Management Standards
More informationContents. Notices Terms and conditions for product documentation.. 45 Trademarks Index iii
Overview IBM ii Overview Contents Product overview........... 1 What's new in this release.......... 1 Supported languages........... 3 Features overview............ 3 Key serving.............. 4 Encryption-enabled
More informationDeprecating the Password: A Progress Report. Dr. Michael B. Jones Identity Standards Architect, Microsoft May 17, 2018
Deprecating the Password: A Progress Report Dr. Michael B. Jones Identity Standards Architect, Microsoft May 17, 2018 The password problem Alpha-numeric passwords are hard for humans to remember and easy
More informationThales e-security. Security Solutions. PosAm, 06th of May 2015 Robert Rüttgen
Thales e-security Security Solutions PosAm, 06th of May 2015 Robert Rüttgen Hardware Security Modules Hardware vs. Software Key Management & Security Deployment Choices For Cryptography Software-based
More informationDyadic Enterprise. Unbound Key Control For Azure Marketplace. The Secure-As-Hardware Software With a Mathematical Proof
Dyadic Enterprise Unbound Key Control For Azure Marketplace The Secure-As-Hardware Software With a Mathematical Proof Unbound Key Control (UKC) is the first software-only key management and key protection
More informationAS emas emudhra Authentication Solution
AS emas emudhra Authentication Solution Create your own trusted enterprise network of users, devices, applications! With malware, ransomware and other cyber threats constantly thrown at Enterprises, a
More informationThe SafeNet Security System Version 3 Overview
The SafeNet Security System Version 3 Overview Version 3 Overview Abstract This document provides a description of Information Resource Engineering s SafeNet version 3 products. SafeNet version 3 products
More informationMeeting the requirements of PCI DSS 3.2 standard to user authentication
Meeting the requirements of PCI DSS 3.2 standard to user authentication Using the Indeed Identity products for authentication In April 2016, the new PCI DSS 3.2 version was adopted. Some of this version
More informationBlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module
BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE Cryptographic Appliances with Integrated Level 3+ Hardware Security Module The BlackVault hardware security platform keeps cryptographic material
More informationIDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller
IDCore Flexible, Trusted Open Platform financial services & retail enterprise > SOLUTION Government telecommunications transport Trusted Open Platform Java Card Alexandra Miller >network identity >smart
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationMobilePASS. Security Features SOFTWARE AUTHENTICATION SOLUTIONS. Contents
MobilePASS SOFTWARE AUTHENTICATION SOLUTIONS Security Features Contents Introduction... 2 Technical Features... 2 Security Features... 3 PIN Protection... 3 Seed Protection... 3 Security Mechanisms per
More informationSafeNet ProtectApp APPLICATION-LEVEL ENCRYPTION
SafeNet ProtectApp APPLICATION-LEVEL ENCRYPTION Encrypt application data and keep it secure across its entire lifecycle no matter where it is transferred, backed up, or copied Rich application encryption
More informationAxway Validation Authority Suite
Axway Validation Authority Suite PKI safeguards for secure applications Around the world, banks, healthcare organizations, governments, and defense agencies rely on public key infrastructures (PKIs) to
More informationepass FIDO -NFC PRODUCT MANUAL
epass FIDO -NFC PRODUCT MANUAL V1.3 2017-03 FEITIAN Technologies Co., Ltd. Website: www.ftsafe.com Overview Feitian epass FIDO -NFC is a FIDO alliance certified U2F authentication key. Unlike the traditional
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! What s new from Microsoft?! Compliance, standards, and
More informationKey Management Interoperability Protocol Crypto Profile Version 1.0
Key Management Interoperability Protocol Crypto Profile Version 1.0 Working Draft 0708 25 7 NovemberOctober 2012 Technical Committee: OASIS Key Management Interoperability Protocol (KMIP) TC Chairs: Robert
More informationDyadic Security Enterprise Key Management
Dyadic Security Enterprise Key Management The Secure-as-Hardware Software with a Mathematical Proof Dyadic Enterprise Key Management (EKM) is the first software-only key management and key protection system
More informationSafeGuard SecurityServer
SafeGuard SecurityServer The Hardware Security Module for Securing Cryptographic Key Material Transparent Pricing Unlimited connections without extra licenses. Unrestricted use in applications. Compliance
More informationEKM: The Real Story Q&A with EKM Server Vendors Tony Cox Chair - SNIA Storage Security Industry Forum (Cryptsoft)
EKM: The Real Story Q&A with EKM Server Vendors Tony Cox Chair - SNIA Storage Security Industry Forum (Cryptsoft) Overview Purpose: To deliver candid answers to questions from the audience on various aspects
More informationCrypto-Options on AWS. Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH
Crypto-Options on AWS Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH Amazon.com, Inc. and its affiliates. All rights reserved. Agenda
More informationTransKrypt Security Server
TransKrypt Security Server Overview Security of transactions is critical as the volume of payments are growing at a faster pace from new generation mobile and broadband based IP payment terminals and devices.
More informationKey Management in a System z Enterprise
IBM Systems IBM z Systems Security Conference Business Security for today and tomorrow > 27-30 September Montpellier Key Management in a System z Enterprise Leo Moesgaard (lemo@dk.ibm.com) Manager of IBM
More informationFIPS Non-Proprietary Security Policy
Quantum Corporation Scalar Key Manager Software Version 2.0.1 FIPS 140-2 Non-Proprietary Security Policy Document Version 1.4 Last Update: 2010-11-03 8:43:00 AM 2010 Quantum Corporation. May be freely
More informationHp Enterprise Secure Key Manager User Guide
Hp Enterprise Secure Key Manager User Guide HP StoreEver MSL Tape Libraries Encryption Key Server Configuration Guide follow theinstructions in the HP Enterprise Secure Key Manager User Guide. LDAP and
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationAccess Control in KMIPv1.1
Robert Haas, Marko Vukolic (IBM) 7 April 2010 Access Control in KMIPv1.1 Summary of Changes Changes wrt. the last set of slides in red 2 additional role permissions related to creation/registration using
More informationWhite Paper. Deploying CKMS Within a Business
White Paper Deploying CKMS Within a Business 1 Introduction The Cryptomathic Crypto Key Management System (CKMS) is a market-leading lifecycle key management product that can manage cryptographic keys
More informationSecurity Requirements for Crypto Devices
Security Requirements for Crypto Devices Version 1.0 02 May 2018 Controller of Certifying Authorities Ministry of Electronics and Information Technology 1 Document Control Document Name Security Requirements
More informationYubico with Centrify for Mac - Deployment Guide
CENTRIFY DEPLOYMENT GUIDE Yubico with Centrify for Mac - Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component
More informationSecurity context. Technology. Solution highlights
Code42 CrashPlan Security Code42 CrashPlan provides continuous, automatic desktop and laptop backup. Our layered approach to security exceeds industry best practices and fulfills the enterprise need for
More informationCoSign Hardware version 7.0 Firmware version 5.2
CoSign Hardware version 7.0 Firmware version 5.2 FIPS 140-2 Non-Proprietary Security Policy Level 3 Validation July 2010 Copyright 2009 AR This document may be freely reproduced and distributed whole and
More informationAdvanced Authentication 6.0 includes new features, improves usability, and resolves several previous issues.
Advanced Authentication 6.0 Release Notes May 2018 Advanced Authentication 6.0 includes new features, improves usability, and resolves several previous issues. Many of these improvements were made in direct
More informationHARDWARE SECURITY MODULES (HSMs)
HARDWARE SECURITY MODULES (HSMs) Cryptography: The basics Protection of data by using keys based on complex, randomly-generated, unique numbers Data is processed by using standard algorithms (mathematical
More information3 CERTIFICATION AUTHORITY KEY PROTECTION (HSMS)
3 CERTIFICATION AUTHORITY KEY PROTECTION (HSMS) 3.1 Introduction In any public key infrastructure deployment, the protection of private key material (application keys) associated with the public/private
More informationConnecting Securely to the Cloud
Connecting Securely to the Cloud Security Primer Presented by Enrico Gregoratto Andrew Marsh Agenda 2 Presentation Speaker Trusting The Connection Transport Layer Security Connecting to the Cloud Enrico
More informationThis Security Policy describes how this module complies with the eleven sections of the Standard:
Vormetric, Inc Vormetric Data Security Server Module Firmware Version 4.4.1 Hardware Version 1.0 FIPS 140-2 Non-Proprietary Security Policy Level 2 Validation May 24 th, 2012 2011 Vormetric Inc. All rights
More informationThe Device Has Left the Building
The Device Has Left the Building Mobile Security Made Easy With Managed PKI Christian Brindley Principal Systems Engineer, Symantec Identity and Information Protection Agenda 1 2 3 Mobile Trends and Use
More informationSmart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security
Smart Cards and Authentication Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security Payment Landscape Contactless payment technology being deployed Speeds
More informationWho What Why
Who What Why Board Members Sponsors Associates To Change Authentication Online by: (a) Developing unencumbered Specifications that define interoperable mechanisms that supplant reliance on passwords (b)
More informationPulseway Security White Paper
Pulseway Security White Paper Table of Contents 1. Introduction 2. Encryption 2.1 Transport Encryption 2.2 Message Encryption 3. Brute-Force Protection 4. DigiCert Code Signing Certificate 5. Datacenter
More informationThe Nasuni Security Model
White Paper Nasuni enterprise file services ensures unstructured data security and privacy, enabling IT organizations to safely leverage cloud storage while meeting stringent governance and compliance
More informationOn Demand Cryptographic Resources for Your Virtual Data Center and the Cloud: Introducing SafeNet s Crypto Hypervisor
On Demand Cryptographic Resources for Your Virtual Data Center and the Cloud: Introducing SafeNet s Crypto Hypervisor Ugo Piazzalunga SafeNet Italy Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com
More informationMySQL Enterprise Security
MySQL Enterprise Security Mike Frank Product Management Director Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only,
More informationData Security Overview
Data Security Overview GTUG May 2018 Darren Burkey, Senior PreSales Consultant Atalla darren.burkey@microfocus.com The New Combined Company: built on stability, acquisition and innovation COBOL Network
More informationHOST Authentication Overview ECE 525
Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time
More information<Partner Name> <Partner Product> RSA SECURID ACCESS. NetMove SaAT Secure Starter. Standard Agent Client Implementation Guide
RSA SECURID ACCESS Standard Agent Client Implementation Guide NetMove Daniel R. Pintal, RSA Partner Engineering Last Modified: April 4, 2018 Solution Summary Secure Starter
More informationMicrosoft Architecting Microsoft Azure Solutions.
Microsoft 70-535 Architecting Microsoft Azure Solutions https://killexams.com/pass4sure/exam-detail/70-535 QUESTION: 106 Your organization has developed and deployed several Azure App Service Web and API
More informationHelpdesk Administration Guide Advanced Authentication. Version 6.0
Helpdesk Administration Guide Advanced Authentication Version 6.0 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government
More informationNigori: Storing Secrets in the Cloud. Ben Laurie
Nigori: Storing Secrets in the Cloud Ben Laurie (benl@google.com) April 23, 2013 1 Introduction Secure login is something we would clearly like, but achieving it practically for the majority users turns
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationPayment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Evaluation Vendor Questionnaire Version 2.
Payment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Evaluation Vendor Questionnaire Version 2.0 May 2012 Document Changes Date Version Author Description April 2009
More informationPublic Key Infrastructures Chapter 06 Private Keys
Public Key Infrastructures Chapter 06 Private Keys Cryptography and Computer Algebra Prof. Dr. Johannes Buchmann Dr. Alexander Wiesmaier Personal security environments Store Private keys Certificates Other
More informationSecurity and Certificates
Encryption, page 1 Voice and Video Encryption, page 6 Federal Information Processing Standards, page 6 Certificate Validation, page 6 Required Certificates for On-Premises Servers, page 7 Certificate Requirements
More informationLinQ2FA. Helping You. Network. Direct Communication. Stay Fraud Free!
LinQ2FA Stay Fraud Free! Helping You Direct Communication Secure to your Your customers Network LINQ2FA Stay Fraud Free! Enhance your security against cyber fraud with Two Factor Authentication Suitable
More informationMoser Baer Group 25 years of excellence
Moser Baer Group 25 years of excellence Introduction to the Moser Baer Group Established in 1983 25 years legacy as India s leading technology manufacturing company 8,000 Employees Rs11,000 Crores in Assets
More informationCertificate Enrollment- and Signing Services for the Cloud. A behind-the-scenes presentation of a successful cooperation between
Certificate Enrollment- and Signing Services for the Cloud A behind-the-scenes presentation of a successful cooperation between Introduction Based on our experience and the request from the market we would
More informationYubiKey Smart Card Minidriver User Guide. Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n
YubiKey Smart Card Minidriver User Guide Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n Copyright 2017 Yubico Inc. All rights reserved. Trademarks
More informationNCP Secure Enterprise macos Client Release Notes
Service Release: 3.10 r40218 Date: July 2018 Prerequisites Apple OS X operating systems: The following Apple macos operating systems are supported with this release: macos High Sierra 10.13 macos Sierra
More informationAlliance Key Manager A Solution Brief for Technical Implementers
KEY MANAGEMENT Alliance Key Manager A Solution Brief for Technical Implementers Abstract This paper is designed to help technical managers, product managers, and developers understand how Alliance Key
More informationhidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION
HID ActivOne USER FRIENDLY STRONG AUTHENTICATION We understand IT security is one of the TOUGHEST business challenges today. HID Global is your trusted partner in the fight against data breach due to misused
More informationKMIP 64-bit Binary Alignment Proposal
KMIP 64-bit Binary Alignment Proposal To: OASIS KMIP Technical Committee From: Matt Ball, Sun Microsystems, Inc. Date: May 6, 2009 Version: 2 Purpose: To propose a change to the binary encoding such that
More informationMobile Payment Application Security. Security steps to take while developing Mobile Application s. SISA Webinar.
Mobile Payment Application Security Security steps to take while developing Mobile Application s About SISA Payment Security Specialists PCI Certification Body (PCI Qualified Security Assessor) Payment
More informationIBM Tivoli Directory Server
Build a powerful, security-rich data foundation for enterprise identity management IBM Tivoli Directory Server Highlights Support hundreds of millions of entries by leveraging advanced reliability and
More informationUtimaco HSM Introduction JIPDEC Seminar June 2017
Utimaco HSM Introduction JIPDEC Seminar June 2017 Joerg Horn Director Business Development Utimaco HSM Business Unit Aachen, Germany 2016 hsm.utimaco.com Page 1 Part 1 Introduction Utimaco History HSM
More informationHITACHI FINGER VEIN SERVER. Finger Vein Server (FVS) is the heart of Hitachi s finger vein (FV) biometric solution for Retail Banking.
HITACHI FINGER VEIN SERVER Finger Vein Server (FVS) is the heart of Hitachi s finger vein (FV) biometric solution for Retail Banking. Finger Vein Server A MODULAR CLIENT-SERVER SYSTEM DESIGNED TO SUPPORT
More informationEXPERIENCE SIMPLER, STRONGER AUTHENTICATION
1 EXPERIENCE SIMPLER, STRONGER AUTHENTICATION 2 Data Breaches are out of control 3 IN 2014... 708 data breaches 82 million personal records stolen $3.5 million average cost per breach 4 We have a PASSWORD
More informationGroup as a new managed object in KMIP
Krishna ellepeddy 29 September 2010 Group as a new managed object in KMIP Use cases for group as a new managed object in KMIP 1. Allow creation of groups of heterogeneous or homogeneous managed objects.
More informationKey Management Death Match?
t Death Match? Marc Massar, CISSP, NSA-IAM DEEPSEC IDSC2009 Competing KM Standards Technical Deep Dive Introduction 2 The Problem Why So Many t Products? More Problems Interoperability The Contenders Details
More informationYubiKey Smart Card Minidriver User Guide. Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n
YubiKey Smart Card Minidriver User Guide Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n Copyright 2017 Yubico Inc. All rights reserved. Trademarks
More informationFIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication
FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication Jeremy Grant Managing Director, Technology Business Strategy Venable LLP jeremy.grant@venable.com @jgrantindc Digital: The Opportunity
More informationKeep your fingers off my keys today & tomorrow
SIGS SE February 2017 Keep your fingers off my keys today & tomorrow Marcel Dasen VP Engineering Securosys SA Keys? Encryption keys asymmetric e.g. RSA, ECC public/private key pairs for wrapping symmetric
More informationSecurity Guide Zoom Video Communications Inc.
Zoom unifies cloud video conferencing, simple online meetings, group messaging, and a softwaredefined conference room solution into one easy-to-use platform. Zoom offers the best video, audio, and wireless
More informationTrusted Computing Group
Trusted Computing Group Backgrounder May 2003 Copyright 2003 Trusted Computing Group (www.trustedcomputinggroup.org.) All Rights Reserved Trusted Computing Group Enabling the Industry to Make Computing
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationStop sweating the password and learn to love public key cryptography. Chris Streeks Solutions Engineer, Yubico
1 Stop sweating the password and learn to love public key cryptography Chris Streeks Solutions Engineer, Yubico Stop Sweating the Password! 2 Agenda Introduction The modern state of Phishing How to become
More informationChannel FAQ: Smartcrypt Appliances
Channel FAQ: Smartcrypt Appliances Q: When were Smartcrypt appliances announced? A: announced the release of our Smartcrypt virtual and physical appliances on September 19, 2017. Smartcrypt Enterprise
More informationADOPTING FIDO SearchSecurity
E-Guide SearchSecurity T he inability of passwords to keep online accounts secure has been recognized for quite some time, but the IT industry has struggled to establish a practical alternative. PAGE 2
More informationIntegral Memory PLC. Crypto Dual (Underlying Steel Chassis) and Crypto Dual Plus (Underlying Steel Chassis) FIPS Security Policy
Integral Memory PLC. Chassis) and Crypto Dual Plus (Underlying FIPS 140-2 Security Policy Table of Contents 1. INTRODUCTION... 1 1.1 Purpose....1 1.2 References... 1 1.3 Document History... 1 2. PRODUCT
More informationKeyOne. Certification Authority
Certification Description KeyOne public key infrastructure (PKI) solution component that provides certification authority (CA) functions. KeyOne CA provides: Public key infrastructure deployment for governments,
More informationForeScout Extended Module for MaaS360
Version 1.8 Table of Contents About MaaS360 Integration... 4 Additional ForeScout MDM Documentation... 4 About this Module... 4 How it Works... 5 Continuous Query Refresh... 5 Offsite Device Management...
More informationEnterprise Key Management Infrastructure: Understanding them before auditing them. Arshad Noor CTO, StrongAuth, Inc. Chair, OASIS EKMI-TC
Enterprise Key Management Infrastructure: Understanding them before auditing them Arshad Noor CTO, StrongAuth, Inc. Chair, OASIS EI-TC Agenda What is an EI? Components of an EI Auditing an EI ISACA members
More informationTPM v.s. Embedded Board. James Y
TPM v.s. Embedded Board James Y What Is A Trusted Platform Module? (TPM 1.2) TPM 1.2 on the Enano-8523 that: How Safe is your INFORMATION? Protects secrets from attackers Performs cryptographic functions
More informationSeagate Secure TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module Security Policy
Seagate Secure TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module Security Policy Security Level 2 Rev. 0.9 November 12, 2012 Seagate Technology, LLC Page 1 Table of Contents 1 Introduction...
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationTHALES esecurity: SECURING YOUR DIGITAL TRANSFORMATION
www.thalesesecurity.com THALES esecurity: SECURING YOUR DIGITAL TRANSFORMATION Enterprises are committing to a digital transformation initiative by embracing new opportunities and building
More informationVirtual KeySecure for AWS
Virtual KeySecure for AWS CUSTOMER RELEASE NOTES Version: 8.2.1 Issue Date: June 5 2015 Document Part Number: 007-013116-001, Rev A Contents Product Description... 2 Key Management... 2 High Performance...
More information