Securely manage and store all keys and sensitive data in one single, centralized location
- Manages and stores all keys and sensitive data of a company or group
- Provides a single solution with integrated HSM
- Includes built-in support for 3rd party HSMs
- Certified for Payment and General-Purpose Keys
Delivery Time:
Key Benefits
Details
Securely manage and store all keys and sensitive data in a single, centralized location
KeyBRIDGE Payment HSM Key Manager is a standalone platform solution that stores all keys and sensitive data for an entire organization. This ensures that the organization has complete control of the key inventory and is not dependent on the availability of a database, service vendor or em-ployee. Its simple key management functionality spans the full key lifecycle from generation through to escrow and termination. The central user interface provides complete visibility of the entire key inventory at any time.
KeyBRIDGE Payment HSM Key Manager secures all keys and maintains support for the generation, import, and distribution of any key type. All keys are protected under a 256 Bit AES System Master Key, which can be used immediately, distributed as a cryptogram, or broken down into component parts or shares.
Additional value is added by allowing integration of further Utimaco HSMs as well as third party HSMs like Thales and SafeNet, enabling the user to perform key management functions using a single, easy-to-use interface with both local console and RESTful API access.
Detailed Key Inventory
- Tracks generation, import, export, termination details and optional key expiration dates
Full life-cycle key management
- Tracks all instances of imported and exported keys
- Maintains key history even if a key has been terminated and removed from the system
Certified for Payment and General-Purpose use cases
- FIPS 140-2 certified
- PCI-HSM certified
High physical and logical security
- Provides intrusion-resistant and tamper-evident hardware
- Enables role-based access control (RBAC) enforced with dual control and split knowledge
Best-in class entropy and high-quality keys
- NIST SP 800-90B
- AIS 31DRG.4 compliant hash based DRNG
- AIS31 PTG.2 compliant TRNG
Third party HSM integration
- Enables integration with AT1000 Payment HSM, CryptoServer General Purpose HSM Cse-Series, Thales and SafeNet HSMs
Supporting various algorithms and mechanisms
- RSA, DSA, ECDSA with NIST and Brainpool curves
- DH, ECDH with NIST and Brainpool curves
- AES, Triple-DES, DES
- MAC, CMAC, HMAC
- SHA-1, SHA2-Family, SHA3
Easy integration and use
- Through UI & RESTful API interface
- Central interface