Securely manage and store all keys and sensitive data in one single, centralized location
- Manages and stores all keys and sensitive data of a company or group
- Provides a single solution with integrated HSM
- Includes built-in support for 3rd party HSMs
- Certified for Payment and General-Purpose Keys
Securely manage and store all keys and sensitive data in a single, centralized location
KeyBRIDGE UKM is a standalone platform solution that stores all keys and sensitive data for an entire organization. This ensures that the organization has complete control of the key inventory and is not dependent on the availability of a database, service vendor or employee. Its simple key management functionality spans the full key lifecycle from generation through to escrow and termination.
The central user interface provides complete visibility of the entire key inventory at any time.
KeyBRIDGE UKM secures all keys and maintains support for the generation, import, and distribution of any key type.
All keys within KeyBRIDGE UKM are protected under a 256 Bit AES System Master Key, which can be used immediately, distributed as a cryptogram or broken down into component parts or shares.
KeyBRIDGE UKM adds additional value by allowing integration of further Utimaco HSMs as well as third party HSMs like Atalla, Thales and SafeNet, enabling the user to perform key management functions using a single, easy-to-use interface with both local console or RESTful API access.
Detailed Key Inventory
- Tracks generation, import, export, termination details and optional key expiration dates
Full life-cycle key management
- Tracks all instances of imported and exported keys
- Maintains key history even if a key has been terminated and removed from the system
Certified for Payment and General-Purpose use cases
- FIPS 140-2 certified
- PCI-HSM certified
High physical and logical security
- Provides intrusion-resistant and tamper-evident hardware
- Enables role-based access control (RBAC) enforced with dual control and split knowledge
Best-in class entropy and high-quality keys
- NIST SP 800-90B
- AIS 31DRG.4 compliant hash based DRNG
- AIS31 PTG.2 compliant TRNG
Third party HSM integration
- Enables integration of CryptoServer, Atalla, Thales and SafeNet HSMs
Supporting various algorithms and mechanisms
- RSA, DSA, ECDSA with NIST and Brainpool curves
- DH, ECDH with NIST and Brainpool curves
- AES, Triple-DES, DES
- MAC, CMAC, HMAC
- SHA-1, SHA2-Family, SHA3
Easy integration and use
- Through UI & RESTful API interface
- Central interface