Why manage Cryptographic Devices?
Cryptographic Device is a cornerstone of PKI architecture and security. In this respect, its management must be given special attention.
Administering hosted media and data
Like the certificates it hosts, the life cycle of a cryptographic medium can be staked by several steps: blank, initialized, issued, blocked, revoked … Once the context justifies it (number of devices deployed, security requirements … ), the implementation of a dedicated management system (Token or Card Management System) reinforces the quality and security of the data by allowing strict control of access to services and entitlements.
Security of keys
A cryptographic medium may require several types of security keys. It can generate or import private keys for electronic certificates, may require specific keys related to transaction encryption (in the case of the SCP – Secure Channel Protocol), it can also request keys to reset certain sensitive zones or activate certain keys services. Therefore, these keys external to the cryptographic medium must be managed in a secure hardware environment (HSM) that generates, encrypts, stores and operates these keys with confidence.
Our catalog proposes several solutions in the 2 areas CMS / TMS and HSM and we are at your disposal to study the interest of their implementation in your application context.