CKMS uses a client-server based architecture with shared HSMs to provide a centralized key management solution. The system is accessed by operators using desktop computers equipped with secure PIN pads for key component entry. An extremely flexible ‘key-push’ protocol allows the CKMS server to securely connect with practically any secure host system that supports exchange of cryptographic keys.
Each key is assigned its current state and specific set of attributes, including its history and general life-cycle management. CKMS facilitates efficient operation through the ability to automate and optimize the working processes adhering to the strictest set of security standards.
Full compliance with all relevant industry and government regulations and best business practice is maintained throughout, with the added benefit of automated key management across multiple sub-systems and a central view of all cryptographic keys within the business as a whole.
Key Features
Across all industries the requirements for managing cryptographic keys are becoming more and more complex. Ensuring that the right key is in the right place at the right time is mandated by many organizations, i.e. major card payment scheme providers. This is a complicated requirement as most businesses need to manage an ever-increasing number of keys, while reducing the risk of internal and external fraud, as well as keeping costs at a minimum.
The Central Key Management System (CKMS) streamlines administration and reduces costs associated with traditional key management. Through its flexible and automated protocols, CKMS gives users the flexibility to manage a very large number of keys - throughout their entire life-cycle - without drowning in work. Using CKMS, administrators can uniformly and centrally manage the life-cycle of all cryptographic keys across a range of encryption platforms.
Keys can be securely generated and pushed to any key distribution target as and when required, and key custodians can use asynchronous log-on to projects for adding components securely - reducing the need for manual key ceremonies, while vastly improving workflows.
Main Functions