cryptovision Enterprise product line Use Smart Cards, the smart way
|
|
- Peregrine Black
- 6 years ago
- Views:
Transcription
1 cryptovision Enterprise product line Use Smart Cards, the smart way cv cryptovision GmbH T: +49 (0) F: +49 (0) info(at)cryptovision.com 1
2 Mindshare Enterprise 2
3 cryptovision Headquarters: Gelsenkirchen, Germany Subsidiary: New York City, USA Sales Offices: Silicon Valley, USA; Vienna, Austria Founded: 1999 by Markus & Andreas Hoffmeister Focus: IT Security, Cryptography, PKI Customer Base: hundreds of customers worldwide Mindshare Enterprise 3
4 Technology Chain GOVERNMENT ID ENTERPRISE IT Mindshare Enterprise 4
5 Technology Chain Documents Terminal Clients Server epasslet SCalibur sc/interface s/mail PKIntegrated CAmelot Mindshare Enterprise 5
6 epasslet Suite 6
7 Comparison: Native versus Java Card Native closed architecture expertise stays at the supplier customization only by supplier new applications only by supplier Java Card open architecture customer can build up expertise customization also by customer everybody can create new applications epasslet Suite 7
8 An applet framework should not depend on proprietary technology. This is only possible with Java Card Java epasslet Suite 8
9 Applications Border Control Secure Online Transactions Entitlement Company ID International Driver License Identification Digital Signatures epasslet Suite 9
10 Editions Custom eid ISO Filesystem ICAO MRTD European Citizen Card ISO Driving License EU Residence Permit epki/ Secure Signature Creation Device Health Insurance German eid Vehicle Registration epasslet Suite 10
11 Technical Details Elliptic Curves (up to 320 Bit) EC DSA signature generation and verification EC DH key agreement RSA/DL (up to 2048 Bit) RSA CRT key generation RSA signatures with PKCS#1 Encoding DH key agreement epasslet Suite v2.1 JCOP R3 J3E120E/J2E120E 120 kbyte EEPROM J3E082E/J2E082E 80 kbyte EEPROM epasslet/mrtd BAC SAC epasslet/mrtd EACv1 epasslet/epki SSCD epasslet/idl epasslet/eacv2 SAC Symmetric DES and Triple DES with 56, 112 and 168 bit AES with 128, 192 and 256 bit Hash SHA 1 with 160 bit SHA 224 with 224 bit SHA 256 with 256 bit Standards GlobalPlatform Java Card CC EAL4+ certification epasslet Suite v1.1 JCOP R3 J3A kbyte EEPROM J3A081/J2A kbyte EEPROM J3A041/J2A kbyte EEPROM J3A080/J2A kbyte EEPROM J2A040/J2A kbyte EEPROM ehealth epasslet/erp epasslet/ehic epasslet/evr epasslet/iso FS epasslet/geid epasslet/eucc epasslet Suite 11
12 epasslet Suite Architecture Applications User data Applet Instance Applet Instance Applet Instance Custom Applet EEPROM Modular Design Based on Common Core Libraries ROM Core Libraries epasslet Suite 12
13 Additional Information Highest certification of a Java Card mask Allows for postissuance applet activation from ROM with minimal EEPROM footprint Highest application range of all Java Card solutions on the market epasslet Suite 13
14 sc/interface 14
15 Smart Cards are the most secure and intelligent hardware solution for your Public Key Infrastructure sc/interface 15
16 What is Security Token Middleware? Interface between any token form factor and any PKI enabled software Hardware Software Middleware sc/interface 16
17 Supported applications depend on the middleware, not on the back end systems Application Middleware Card Management System Identity Management System Token/ Card sc/interface 17
18 Smart Card Applications WWW Login System Login Disk Encryption Secure E Mail Digital Signatures VPN Login SSO eid Card sc/interface 18
19 Technical Details Cards ATOS CardOS: M4.01a / V4.2 / V4.2B / V4.2C / V4.3 / V4.3B / V4.4 / V5.0 / V5.3 AustriaCard JCOP: 21 V2.2 / 21 V2.3.1 / 31 V2.2 / 31 V2.2 contactless / 31 V2.3.1 / 31 V2.3.1 contactless / 31/72 V2.3.1 / 31 / 72 V2.3.1 contactless / 41 V2.2.1 / 41 V2.2.1 contactless / 41 V2.3.1 / 41 V2.3.1 contactless / 41 V2.4 / 41 V2.4 contactless Bundesdruckerei: GoID card v1 D Trust: D Trust Card 3.0, 3.1, 3.2 epasslet Suite 1.1/1.2: on JCOP V2.4.1R3, on JCOP V2.4.1R3 with PACE Profile epasslet Suite 2.0: on JCOP V2.4.2R3, on JCOP V2.4.2R3 with PACE Profile Gemalto: TOP IM GX4 G&D Sm@rtCafé Expert: 3.1 / 3.1 contactless / 3.2 / 4.0 / 5.0 / 6.0 / 6.0 SCP 03 / 7 G&D STARCOS: 3.0 / 3.2 / 3.4 (Swiss Health Card egk) / 3.5 HID Crescendo: C700 / C700 contactless Infineon: JCLX80 jtop / JCLX80 jtop contactless NXP JCOP: V 2.1 / V2.2 / V2.2 Contactless / V2.2 / V2.3.1 / V2.4 / V2.4.1 / V2.4.2 / V2.4.2 R3 / V2.4.2 R3 SCP03 SwissSign: suisseid (CardOS M4.3B / M4.4) TCOS: Signature Card 2.0 Tokens Certgate microsd (NXP JCOP) G&D Sm@rtCafé Expert 3.2 USB token NXP JCOP: V2.2.1 IDptoken 200 SwissSign SwissID (CardOS M4.3B) Swissbit (SCT3512) Windows, OS X, Linux, edirectory IE, Firefox, Safari, Chrome Windows, NCP, OpenVPN CryptWare, Secude, WinMagic s/mail, Outlook, Notes, Secure E Mail PGP, GroupWise, Secude Novell, Secude, IBM Tivoli Access Manager Adobe Reader, suisseid Citrix, IGEL SAP R/3, SSH sc/interface 19
20 sc/interface Architecture Applications Signature Browser E Mail SSO Client Admin Tool User Tool Register Tool TokenD PKCS#11 CSP Mini Driver Secure Token Interface Operating Systems Security Token sc/interface 20
21 Benefits sc/interface supports numerous tokens and profiles sc/interface supports a wide range of applications Card 3rd party card profiles USB Dozens of Smart Cards SIM microsd Readers VPN Login Mobile Security SSL epass Secure E Mail Single Sign on Encryption System Logon Web Authentication Digital Signature sc/interface 21
22 Benefits sc/interface supports multiple platforms Card 3rd party card profiles USB Dozens of Smart Cards SIM microsd Readers VPN Login Mobile Security SSL epass Secure E Mail Single Sign on Encryption System Logon Web Authentication Digital Signature sc/interface 22
23 Additional Information Cryptography Next Generation Elliptic Curve Cryptography (ECC) Password Authenticated Connection Establishment (PACE) Remote desktop operation and terminal servers Biometry Localization support through language files sc/interface 23
24 Customers Government Finance & Insurance Healthcare Industry & Retail Universitätsklinikum Würzburg Metropolitan Transportation Authority of the State of New York sc/interface 24
25 s/mail 25
26 Client based security... provides the best possible protection for your messages s/mail 26
27 s/mail Usage Environment End-to-End Encryption client mail server mail server client s/mail s/mail other s/mime client s/mail 27
28 Technical Details MS Outlook encryption group encryption S/MIME digital signature IBM Notes message recovery key management s/mail 28
29 s/mail Architecture Client s/mail Plugin Outlook/Notes specific s/mail engine S/MIME CDSA MIME CTIL CTIL CTIL LDAP OCSP OCSP OCSP s/mail 29
30 Key Features ECC Support Watchdog Management Tool Group Mailboxes Smart Cards (PKCS#11) Flexible Group Policies PIN/Password Caching PKI Support OCSP Support Message Recovery s/mail 30
31 s/mail in the SPHINX Project s/mail 31
32 CAmelot 32
33 Digital Certificates are an important means for binding a real identity to a digital identity CAmelot 33
34 PKI is the solution for digital certificate lifecycle management Registration Revocation/ EoL Key Generation Request X.509 Certificate Lifecycle Management Certificate Generation Provisioning Use Publication CAmelot 34
35 X.509 and CV syntax: flexible X.509 Certificate Version Serial Number Signature Issuer Validity Subject Subject Public Key Info Authority Key Identifier Subject Key Identifier Key Usage Private Key Usage Period Policy Mappings Subject Alternative Name Issuer Alternative Name typical size: 2,000 byte person or component PC, server certificate holder inspection system or terminal certificate verifier smart card chip syntax: simple Card Verifiable Certificate Profile Identifier Certification Authority Certificate Holder Certificate Holder Authorization Validity Period Key typical size: 200 byte CAmelot 35
36 CAmelot Environment Enterprise environment HSM Card Management System Clients CAmelot PC Repository IDM System CAmelot 36
37 CAmelot Environment Government environment Card production system Document signer (CAmelot) Registration office National identity data base CVCA (CAmelot) CSCA (CAmelot) End user CA (CAmelot) Inspection system DVCA (CAmelot) Certificate repository CAmelot 37
38 Technical Details System Login Windows, Mac, Linux, edirectory WWW Encryption IE, Firefox, Safari VPN Windows, NCP, OpenVPN Disk Encryption CryptWare, WinMagic, McAfee Database IDM Personalisation System Connectors LDAP, SOAP, JDBC Smart Card WiFi Protection E Mail Encryption eid Document Signing Digital Signatures Windows, Xsupplicant s/mail, Outlook, Notes, PGP, GroupWise VeriSign Adobe Reader, SwissSigner Remote Access Citrix, IGEL Document Signing doc/signer Document Authentication Trust ID Terminal Authentication VISOCORE CAmelot 38
39 CAmelot Architecture CAmelot Access Module Database Management Console Protocol Handler Modules Certifier Modules CA Modules Key Manager Modules Certificate Template Modules Publisher Modules LDAP File Smart Card HSM Software CAmelot 39
40 Additional Information General Hierarchies, SubCA Multi-tenancy Logging Smart card support Security HSM, dual security Certificate based login Workflow, signed approval Monitoring Algorithms and standards X.509 and CV CMC EACv2 / TR3129 OCSP SCEP ECC and RSA Convenience Auto-Enrolment Maximum certificate profile flexibility Easy regionalization CAmelot 40
41 cryptovision PKI product evolution ECC crypto SDK 1 st Generation PKI 2 nd Generation PKI 3 nd Generation PKI library First professional ECC SDK with smart card support Foundation for all product development to date ca/manager: X.509 with RSA and ECC Offline only CA with LDAP and CRL support Based on library/pc PKIntegrated: Identity Mgmt. meets PKI Full featured solution with OCSP, HSM and Smart Cards C++ based and requires Novell IDM CAmelot: eliminates all boundaries Flexible and modular design, 100% Java based Enables trust for enterprise IT and government ID nd + Generation PKI extend CAmelot PKI client RA Workflow Engine Key server with remote Key Solutionoriented 2015 / CAmelot 41
42 CAmelot Environment Local RA HSMs Card Management System epasslet card User Employee badge Registration Authority (CAmelot) Certification Authority (CAmelot) Smart card middleware Sc/interface IDM system PKI client Directory service Remote key Keyserver Key recovery CAmelot 42
43 Enrollment (Signatur Certificate) Local RA Keygen application Public key Certificate Directory Service User Key generation Smart card Registration Authority (CAmelot) Certificate Authority PKI client Remote key Keyserver Key recovery CAmelot 43
44 Enrollment (Encryption Certificate) Local RA Directory service User Smart card Registration Authority (CAmelot) Key pair Certificate Certificate Authority PKI client Key generation Private key Remote key Keyserver Key recovery CAmelot 44
45 Use Cases Gateways Server Smart card login Mail encryption Smart card Signing User Authentication Enterprise Auth Payment Physical Access CAmelot 45
46 CAmelot as an Appliance CAmelot Appliance is scalable: Cheap PC can be used Several CA Instances may run on one server As software appliance on a virtual machine vs. High end hardware Desaster Recovery Concepts Extra hardened systems Unique robust systems CAmelot 46
47 Full-featured PKI solution Appliance V-PKI with SIG certificates eidas edict CAmelot with AUTH / ENC certificates eidas compliant PKI appliance with interface to V-PKI services CAmelot 47
48 Full-featured PKI solution Operational area of CAmelot appliance Consolidation of different PKI scenarios 1. Internal CA Log-On Auth Sign Enc Company ID Card eidas compliant PKI appliance with interface to V-PKI services 2. Interface to signature services SIC client Connection to SSA, SAP/SAD 3. Inclusion of signature certificates Run own trusted services CAmelot 48
49 End Contact cv cryptovision cv cryptovision GmbH Munscheidstr Gelsenkirchen Germany Tel: +49 (0) 2 09 / Fax: +49 (0) 2 09 / E Mail: info@cryptovision.com Public Relations Klaus Schmeh Marketing Guido Ringel Product Management Benjamin Drisch, Joachim Kessel, Guido Ringel Sales Marco Smeja, Uwe Skrzypczak, Sascha Wester Thank You! Mindshare Enterprise 49
Overview of cryptovision's eid Product Offering. Presentation & Demo
Presentation & Demo Benjamin Drisch, Adam Ross cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 General Requirements Government of Utopia Utopia Electronic
More informationMindshare 2018 The Nine Steps to Your Company ID:
Mindshare 2018 : An IT Hero s Quest to Get Smart Adam Ross cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 Hooray! Your company has won a lucrative contract!
More informationcryptovision s Enterprise Solutions Brian Kowal, Guido Ringel cryptovision Mindshare 2017
cryptovision s Enterprise Solutions Brian Kowal, Guido Ringel cryptovision Mindshare 2017 cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 cryptovision
More informationcryptovision s Government Solutions Adam Ross, Ben Drisch cryptovision GmbH
cryptovision s Government Solutions Adam Ross, Ben Drisch cryptovision GmbH cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 cryptovision cryptovision Gelsenkirchen
More informationIntroduction to Electronic Identity Documents
Tutorial Introduction to Electronic Identity Documents Klaus Schmeh cryptovision I'm Klaus Schmeh, Chief Editor Marketing at cryptovision. I have published a number of books. Identity Documents Conventional
More informationThe Top Four Trends in eid Technology Marco Smeja, cryptovision Mindshare 2017
The Top Four Trends in eid Technology Marco Smeja, cryptovision Mindshare 2017 cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com 1 2 The Smart Card Evolution
More informationMarket Trends and Veridos solutions for epassports & ID Documents
Market Trends and Veridos solutions for epassports & ID Documents Ludger Holtmann, Senior Product & Portfolio Manager Michael Ruhland-Bauer, Head of Product Mangement Documents Agenda Introducing Veridos
More informationIDCore. Flexible, Trusted Open Platform. financial services & retail. Government. telecommunications. transport. Alexandra Miller
IDCore Flexible, Trusted Open Platform financial services & retail enterprise > SOLUTION Government telecommunications transport Trusted Open Platform Java Card Alexandra Miller >network identity >smart
More informationSSH Communications Tectia SSH
Secured by RSA Implementation Guide for 3rd Party PKI Applications Last Modified: December 8, 2014 Partner Information Product Information Partner Name Web Site Product Name Version & Platform Product
More informationPublic Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman
Public Key Infrastructure PKI National Digital Certification Center Information Technology Authority Sultanate of Oman Agenda Objectives PKI Features etrust Components Government eservices Oman National
More informationPublic. Atos Trustcenter. Server Certificates + Codesigning Certificates. Version 1.2
Atos Trustcenter Server Certificates + Codesigning Certificates Version 1.2 20.11.2015 Content 1 Introduction... 3 2 The Atos Trustcenter Portfolio... 3 3 TrustedRoot PKI... 4 3.1 TrustedRoot Hierarchy...
More informationGiovanni Carnovale Technical Account Manager Southeast Europe VASCO Data Security
Giovanni Carnovale Technical Account Manager Southeast Europe The concept of strong authentication Something you have Something you know We authenticate the world 2 Authenticate where? We authenticate
More informationIBM KeyWorks Accelerate Development of your Secure e-business Solutions Sekar Chandersekaran IBM
IBM KeyWorks Accelerate Development of your Secure e-business Solutions Sekar Chandersekaran IBM chanders@us.ibm.com IBM KeyWorks Market Needs History KeyWorks KeyWorks KeyWorks KeyWorks KeyWorks Suite
More informationThe Gemalto offer for PKI market in Russia
The Gemalto offer for PKI market in Russia Miroslaw TOCICKI, Technical Consultant September 18th, 2014 Agenda Introduction Gemalto IdA portfolio Java PKI cards for developers GOST certified solution IDPrime
More informationXceedium Xsuite. Secured by RSA Implementation Guide for 3rd Party PKI Applications. Partner Information. Last Modified: February 10 th, 2014
Secured by RSA Implementation Guide for 3rd Party PKI Applications Last Modified: February 10 th, 2014 Partner Information Product Information Partner Name Xceedium Web Site www.xceedium.com Product Name
More informationBlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module
BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE Cryptographic Appliances with Integrated Level 3+ Hardware Security Module The BlackVault hardware security platform keeps cryptographic material
More informationCan eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010
Can eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010 Content eid Primary Functions eid Privacy Features and Security
More information1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A
www.acs.com.hk 1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Order Information 6. Q & A 2 3 ACOS5-64 Series (64KB EEPROM) Cryptographic Smart Card and Token Module
More informationArchitecture 1 3. SecureToken. 32-bit microprocessor smart chip. Support onboard RSA key pair generation. Built-in advanced cryptographic functions
SecureToken Architecture 1 3 2 32-bit microprocessor smart chip Support onboard RSA key pair generation Built-in advanced cryptographic functions 4 5 6 7 8 9 10 Support onboard digital signing Supports
More informationUtimaco HSM Introduction JIPDEC Seminar June 2017
Utimaco HSM Introduction JIPDEC Seminar June 2017 Joerg Horn Director Business Development Utimaco HSM Business Unit Aachen, Germany 2016 hsm.utimaco.com Page 1 Part 1 Introduction Utimaco History HSM
More informationAxway Validation Authority Suite
Axway Validation Authority Suite PKI safeguards for secure applications Around the world, banks, healthcare organizations, governments, and defense agencies rely on public key infrastructures (PKIs) to
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationThis version of the IDGo 800 middleware contains the following components: IDGo 800 Credential Provider build 01
What s New? Now Supported Doc Ref: D1379783A Date: October 16, 2015 This document presents information about the IDGo 800 V1.2.4-01 for Windows middleware. It shows what has changed since IDGo 800 V1.2.3-04.
More informationKeyOne. Certification Authority
Certification Description KeyOne public key infrastructure (PKI) solution component that provides certification authority (CA) functions. KeyOne CA provides: Public key infrastructure deployment for governments,
More informationLegal Regulations and Vulnerability Analysis
Legal Regulations and Vulnerability Analysis Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) Germany Introduction of the BSI National Authority for Information
More informationThe Open Protocol for Access Control Identification and Ticketing with PrivacY
The Open Protocol for Access Control Identification and Ticketing with PrivacY For Secure Contactless Transactions and Enabling Logical and Physical Access Convergence October 2010 Actividentity 2 OPACITY
More informationJrsys Mobile Banking Solutions
Jrsys Mobile Banking Solutions Jrsys International corp. James Wu Mobile PKI solutions 1.Mobile CA 2.Mobile RA 3.Mobile Signing and Validation Service CA Mobile Signature/ Encryption Mobile PKI Mobile
More information1. Product Overview 2. Product Features 3. Product Value 4. Comparison Chart 5. Product Applications 6. Q & A
www.acs.com.hk 1. Product Overview 2. Product Features 3. Product Value 4. Comparison Chart 5. Product Applications 6. Q & A 2 3 ACOS5 Series (32KB EEPROM) Cryptographic Smart Card and Token Module ACOS5
More informationAugust, Actividentity CTO Office
The Open Protocol for Access Control Identification and Ticketing with PrivacY For the Secure Enablement of converged Access and Contactless Transactions August, 2010 Actividentity CTO Office 2 What is
More information1. Product Overview 2. Product Features 3. Comparison Chart 5. Q & A
www.acs.com.hk 1. Product Overview 2. Product Features 3. Comparison Chart 4. Product Applications 5. Q & A 2 3 ACOS5 Series (32KB EEPROM) Cryptographic Smart Card and Token 5 Time-to-market Mask chip
More informationSmartCards as electronic signature devices Progress of standardization. Helmut Scherzer, CEN TC224/WG16 (Editor) IBM Germany
SmartCards as electronic signature devices Progress of standardization Helmut Scherzer, CEN TC224/WG16 (Editor) IBM Germany scherzer@de.ibm.com Active CEN working groups(today) TC224 : "Machine readable
More informationSignCloud. Remote Digital Signature System
SignCloud Remote Digital Signature System All the information in this document is CONFIDENTIAL and can t be used entirely or in part without a written permission from Bit4id SRL. Contents 1. Executive
More informationAXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure
AXIAD IDS CLOUD SOLUTION Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure Logical Access Use Cases ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS Corporate ID badge for physical
More informationCREDENTSYS CARD FAMILY
CREDENTSYS CARD FAMILY Credentsys is a secure smart card family that is designed for national ID systems, passports, and multi-use enterprise security environments. The family is certified to FIPS 140-2
More informationIdentity and Authentication PKI Portfolio
Identity and Authentication PKI Portfolio Gemalto offers comprehensive public key infrastructure (PKI) authentication solutions that provide optimal levels of security. Supporting a wide portfolio of IDPrime
More informationDesigning and Managing a Windows Public Key Infrastructure
Designing and Managing a Windows Public Key Infrastructure Key Data Course #: 2821A Number of Days: 4 Format: Instructor-Led Certification Track: Exam 70-214: Implementing and Managing Security in a Windows
More informationIndeed Card Management Smart card lifecycle management system
Indeed Card Management Smart card lifecycle management system Introduction User digital signature, strong authentication and data encryption have become quite common for most of the modern companies. These
More informationFAMILY BROCHURE. Gemalto SafeNet Authenticators. Diverse Form Factors for Convenient Strong Authentication
FAMILY BROCHURE Gemalto Authenticators Diverse Form Factors for Convenient Strong Diverse Form Factors for Convenient Strong. Offering the broadest range of authentication methods and form factors supported
More informationData Sheet NCP Secure Enterprise Management
Centrally Managed VPN Fully Automatic Operation of a Remote Access VPN via a Single Console Administration and license management system for NCP Exclusive Remote Access Clients Enables easy rollout and
More informationIBM i Version 7.2. Security Digital Certificate Manager IBM
IBM i Version 7.2 Security Digital Certificate Manager IBM IBM i Version 7.2 Security Digital Certificate Manager IBM Note Before using this information and the product it supports, read the information
More informationCertification Authority
Certification Authority Overview Identifying CA Hierarchy Design Requirements Common CA Hierarchy Designs Documenting Legal Requirements Analyzing Design Requirements Designing a Hierarchy Structure Identifying
More informationCoSign Hardware version 7.0 Firmware version 5.2
CoSign Hardware version 7.0 Firmware version 5.2 FIPS 140-2 Non-Proprietary Security Policy Level 3 Validation July 2010 Copyright 2009 AR This document may be freely reproduced and distributed whole and
More informationThe Password Authentication Paradigm In today s business world, security in general - and user authentication in particular - are critical components
YOUR ULTIMATE AUTHENTICATION SOLUTION A l a d d i n. c o m / e T o k e n The Password Authentication Paradigm In today s business world, security in general - and user authentication in particular - are
More informationSecurity Mechanism of Electronic Passports. Petr ŠTURC Coesys Research and Development
Security Mechanism of Electronic Passports Petr ŠTURC Coesys Research and Development Smartcard CPU 16/32 bit 3.57MHz (20MHz) 1.8 / 3/ 5 V ROM 16-300 kb RAM 1-8 kb EEPROM 8-128kB Contactless communication
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More informationPublic Key Infrastructure
Public Key Infrastructure Ed Crowley Summer 11 1 Topics Public Key Infrastructure Defined PKI Overview PKI Architecture Trust Models Components X.509 Certificates X.500 LDAP 2 Public Key Infrastructure
More informationIDGo Middleware and SDK for Mobile Devices
Smartjac Industries Inc. - Kanalvägen 1A 2nd floor SE-194 61 Upplands Väsby Sweden www.smartjac.com / www.smartjac.biz Phone: +46(8)41071230 - Email: order@smartjac.com IDGo 800 - Middleware and SDK for
More informationAeroMACS Public Key Infrastructure (PKI) Users Overview
AeroMACS Public Key Infrastructure (PKI) Users Overview WiMAX Forum Proprietary Copyright 2019 WiMAX Forum. All Rights Reserved. WiMAX, Mobile WiMAX, Fixed WiMAX, WiMAX Forum, WiMAX Certified, WiMAX Forum
More informationhidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION
HID ActivOne USER FRIENDLY STRONG AUTHENTICATION We understand IT security is one of the TOUGHEST business challenges today. HID Global is your trusted partner in the fight against data breach due to misused
More informationSxS Authentication solution. - SXS
SxS Authentication solution. - SXS www.asseco.com/see SxS Single Point of Authentication Solution Asseco Authentication Server (SxS) is a two-factor authentication solution specifically designed to meet
More informationKeep your fingers off my keys today & tomorrow
SIGS SE February 2017 Keep your fingers off my keys today & tomorrow Marcel Dasen VP Engineering Securosys SA Keys? Encryption keys asymmetric e.g. RSA, ECC public/private key pairs for wrapping symmetric
More informationNCP Exclusive Remote Access Management
Centrally Managed VPN Fully Automatic Operation of a Remote Access VPN via a Single Console Administration and license management system for NCP Exclusive Remote Access Clients Enables easy rollout and
More informationCertificate Enrollment- and Signing Services for the Cloud. A behind-the-scenes presentation of a successful cooperation between
Certificate Enrollment- and Signing Services for the Cloud A behind-the-scenes presentation of a successful cooperation between Introduction Based on our experience and the request from the market we would
More informationBioPassport TM Enterprise Server
BioPassport TM Enterprise Server The BioPassport Enterprise AD Server is the intelligence behind all of IdentAlink s biometric modules. Password management for a network or application can cost hundreds
More informationCONTENTS. vii. Chapter 1 TCP/IP Overview 1. Chapter 2 Symmetric-Key Cryptography 33. Acknowledgements
CONTENTS Preface Acknowledgements xiii xvii Chapter 1 TCP/IP Overview 1 1.1 Some History 2 1.2 TCP/IP Protocol Architecture 4 1.2.1 Data-link Layer 4 1.2.2 Network Layer 5 1.2.2.1 Internet Protocol 5 IPv4
More informationDHS ID & CREDENTIALING INITIATIVE IPT MEETING
DHS ID & CREDENTIALING INITIATIVE IPT MEETING October 14, 2004 Part 02 of 02 IMS/CMS Functional Specification General Issuance Requirements Issue a GSC-IS 2.1 compliant dual chip hybrid ICC/DESFire v0.5
More informationVerifying emrtd Security Controls
Blackhat Europe 2010 Verifying emrtd Security Controls Raoul D Costa 1 3M 2010. All Rights Reserved. Agenda Overview of ICAO / EU Specifications emrtds decomposed emrtd Infrastructure (PKI) Inspecting
More informationSymantec Managed PKI Overview. v8.15
Symantec Managed PKI Overview v8.15 Legal Notice Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo and are trademarks or registered trademarks of
More informationPRICE LIST TRUST SERVICE PRODUCTS. Price List Version 5.9 Berlin, April Copyright 2018, Bundesdruckerei GmbH. Seite 1/9
PRICE LIST TRUST SERVICE PRODUCTS Price List Version 5.9 Berlin, April 2018 Copyright 2018, Bundesdruckerei GmbH Seite 1/9 Qualified Single Signature Cards D-TRUST Card 3.0 EU Signature card according
More informationDr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011
Mobile Security Application Current Status Overview in Taiwan Dr. Char-Shin Miou Chunghwa Telecom. Co. April 7, 2011 Content Problems and Current Status Approach for the Mobile Security Application Mobile
More informationTeldat Secure IPSec Client - for professional application Teldat IPSec Client
Teldat Secure IPSec Client - for professional application Support of Windows 8, 7, Vista and XP (32-/64-bit) IKEv1, IKEv2, IKE Config Mode, X-Auth, certificates (X.509) Integrated personal firewall Easy
More informationProduct Documentation
(/en-us.html) Product Documentation Browse Browse StoreFront 3.1 Technology Preview Search Download full document PDF DOCX PRINT EMAIL System requirements Nov. 12, 2015 When planning your installation,
More informationGuide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1
Guide to Deploying VMware Workspace ONE VMware Identity Manager 2.9.1 VMware AirWatch 9.1 Guide to Deploying VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware
More informationCERTIFICATE POLICY CIGNA PKI Certificates
CERTIFICATE POLICY CIGNA PKI Certificates Version: 1.1 Effective Date: August 7, 2001 a Copyright 2001 CIGNA 1. Introduction...3 1.1 Important Note for Relying Parties... 3 1.2 Policy Identification...
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 6 Release 1 System i Security Digital Certificate Manager Version 6 Release 1 Note Before using this information and the product it supports, be sure
More informationConformity and Interoperability Key Prerequisites for Security of eid documents. Holger Funke, 27 th April 2017, ID4Africa Windhoek
Conformity and Interoperability Key Prerequisites for Security of eid documents Holger Funke, 27 th April 2017, ID4Africa Windhoek Agenda 1. About secunet Security Networks AG 2. Timeline of interoperability
More informationAdding value to your MS customers
Securing Microsoft Adding value to your MS customers Authentication - Identity Protection Hardware Security Modules DataSecure - Encryption and Control Disc Encryption Offering the broadest range of authentication,
More informationIBM. Security Digital Certificate Manager. IBM i 7.1
IBM IBM i Security Digital Certificate Manager 7.1 IBM IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in
More informationConfiguring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider)
Solution Guide ios Managed Configuration Configuring and Delivering Salesforce as a managed application to XenMobile Users with NetScaler as the SAML IDP (Identity Provider) Solution Guide 1 Introduction
More informationDBsign for HTML Applications Version 4.0 Release Notes
DBsign for HTML Applications Version 4.0 Release Notes Copyright 2010 Version 4.0 Copyright Notice: The Release Notes has a copyright of 2000-2010 by Gradkell Computers, Inc. This work contains proprietary
More informationXenApp 5 Security Standards and Deployment Scenarios
XenApp 5 Security Standards and Deployment Scenarios 2015-03-04 20:22:07 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents XenApp 5 Security Standards
More informationApple Product Security
Apple Product Security Meeting IT Security Needs Fed/Ed XIV Washington,DC - December 14, 2006 Shawn Geddis Enterprise Security Consulting Engineer geddis@apple.com December 2006 Certificates and Keys Everywhere
More informationVeinID SCANNERS FOR DIGITAL SIGNING. Hitachi s VeinID Solution for signing digital transactions enables new levels of security and user convenience.
VeinID SCANNERS FOR DIGITAL SIGNING Hitachi s VeinID Solution for signing digital transactions enables new levels of security and user convenience. A POWERFUL COMBINATION OF FIXED AND WIRELESS BIOMETRIC
More informationCertificate Enrollment for the Atlas Platform
Certificate Enrollment for the Atlas Platform Certificate Distribution Challenges Digital certificates can provide a secure second factor for authenticating connections from MAP-wrapped enterprise apps
More informationUnderstanding modern security controllers. - which chip do you need for your identity document?
ID4Africa 2017 Session Credential security Understanding modern security controllers - which chip do you need for your identity document? Ingo Liersch Infineon Director Product Marketing 2017-04- 2 Infineon
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 11: Public Key Infrastructure Department of Computer Science and Engineering University at Buffalo 1 Lecture Outline Public key infrastructure Certificates Trust
More informationSyllabus: The syllabus is broadly structured as follows:
Syllabus: The syllabus is broadly structured as follows: SR. NO. TOPICS SUBTOPICS 1 Foundations of Network Security Principles of Network Security Network Security Terminologies Network Security and Data
More informationIndex. NOTE: Boldface indicates illustrations; t indicates a table. 209
A access control, 21, 23, 67-72, 89-100 Extensible Access Control Markup (XACML) and, 70, 72 fine-grained (entitlement management) and, 71-72, 71 identities and, 68 identity stores (multiple) and, 70 (LDAP)
More informationSymantec Managed PKI. Integration Guide for AirWatch MDM Solution
Symantec Managed PKI Integration Guide for AirWatch MDM Solution ii Symantec Managed PKI Integration Guide for AirWatch MDM Solution The software described in this book is furnished under a license agreement
More informationGuide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1
Guide to Deploying VMware Workspace ONE DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationInterface. Circuit. CryptoMate
A C O S 5 - C T M C r y p t o M a t e U S B T o k e n Version 1.5 03-2007, Email: info@acs.com.hk Website: www.acs.com.hk CryptoMate USB Token 1.0 Introduction Frustrated by network breaches like Trojan
More informationNew open source CA development as Grid research platform.
New open source CA development as Grid research platform. National Research Grid Initiative in Japan Takuto Okuno. 1 About NAREGI PKI Group (WP5) 2 NAREGI Authentication Service Perspective To develop
More informationCertAgent. Certificate Authority Guide
CertAgent Certificate Authority Guide Version 6.0.0 December 12, 2013 Information in this document is subject to change without notice and does not represent a commitment on the part of Information Security
More informationUtimaco eidas Update. June Thorsten Groetker CTO. Utimaco HSM Business Unit Aachen, Germany 2017 Utimaco eidas Update, June 2017 Page 1
Utimaco eidas Update June 2017 Thorsten Groetker CTO Utimaco HSM Business Unit Aachen, Germany 2017 Utimaco eidas Update, June 2017 Page 1 eidas Agenda Recap eidas, Trust Services, Standardization Signature
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.3 Effective
More informationMavenir Systems Inc. SSX-3000 Security Gateway
Secured by RSA Implementation Guide for 3rd Party PKI Applications Partner Information Last Modified: June 16, 2015 Product Information Partner Name Web Site Product Name Version & Platform Product Description
More informationFujitsu mpollux DigiSign Client Technical References
Fujitsu mpollux DigiSign Client Technical References This reference document contains technical information necessary for system administrators, who are installing Fujitsu mpollux DigiSign Client in their
More informationOperated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA
Operated by Los Alamos National Security, LLC for the U.S. Department of Energy's NNSA LANL s Multi-Factor Authentication (MFA) Initiatives NLIT Summit 2018 Glen Lee Network and Infrastructure Engineering
More informationDigital signatures: How it s done in PDF
Digital signatures: How it s done in PDF Agenda Why do we need digital signatures? Basic concepts applied to PDF Digital signatures and document workflow Long term validation Why do we need digital signatures?
More informationACOS5-64. Functional Specifications V1.04. Subject to change without prior notice.
ACOS5-64 Functional Specifications V1.04 Subject to change without prior notice Table of Contents 1.0. Introduction... 4 1.1. Card Features... 4 1.2. History of Modifications... 5 2.0. Technical Specifications...
More informationGuide to Deploying VMware Workspace ONE with VMware Identity Manager. SEP 2018 VMware Workspace ONE
Guide to Deploying VMware Workspace ONE with VMware Identity Manager SEP 2018 VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationeid Consulting References
eid Consulting References Selection of References We are renown for running eid, epassport, eborder projects MOI Germany President of Nigeria Royal Oman Police MOI of U..A.E. MOI of Sudan European Commission
More informationSecure Login for SAP Single Sign-On Sizing Guide
PUBLIC SAP Single Sign-On Document Version: 1.1 2018-07-31 Secure Login for SAP Single Sign-On 3.0 - Sizing Guide 2018 SAP SE or an SAP affiliate company. All rights reserved. THE BEST RUN Content 1 Introduction....3
More informationThe Device Has Left the Building
The Device Has Left the Building Mobile Security Made Easy With Managed PKI Christian Brindley Principal Systems Engineer, Symantec Identity and Information Protection Agenda 1 2 3 Mobile Trends and Use
More informationPKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures
Public Key Infrastructures Public Key Infrastructure Definition and Description Functions Components Certificates 1 2 PKI Services Security Between Strangers Encryption Integrity Non-repudiation Key establishment
More informationDigital Certificates Demystified
Digital Certificates Demystified Ross Cooper, CISSP IBM Corporation RACF/PKI Development Poughkeepsie, NY Email: rdc@us.ibm.com August 9 th, 2012 Session 11622 Agenda Cryptography What are Digital Certificates
More informationPublic Key Establishment
Public Key Establishment Bart Preneel Katholieke Universiteit Leuven February 2007 Thanks to Paul van Oorschot How to establish public keys? point-to-point on a trusted channel mail business card, phone
More informationKey Management and Distribution
Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/
More informationHARDWARE SECURITY MODULES (HSMs)
HARDWARE SECURITY MODULES (HSMs) Cryptography: The basics Protection of data by using keys based on complex, randomly-generated, unique numbers Data is processed by using standard algorithms (mathematical
More information2 Electronic Passports and Identity Cards
2 Picture source: www.bundesdruckerei.de Paper based Passport Radio Frequency (RF) Chip Electronic Passport (E Pass) Biographic data Human readable Partially machine readable (optically) Conventional
More information