SAVYINT KMS
Key management system
The key management system – Savyint KSM was developed with the goal of managing a large number of individual cryptographic keys within the organization. As a centralized security system with an open interface based on the OASIS KMIP open standard, Savyint KMS provides the most modern capabilities for storing, operating, and managing the lifecycle of all cryptographic keys in the organization.
SAVYINT KMS
SAVYINT KMS is part of the key management system for the overall digital certificate management of SAVYINT. This means that KMS can easily integrate and expand with other operational and security systems as required, including: Digital Certificate Lifecycle Management System – SAVYINT CLM, Remote Signing System QTSP Remote Signing, Savyint Timestamp, and appropriate Hardware Security Module (HSM) or all-in-one data encryption solutions, digital signature authentication, and mobile identification on the Cloud HSM platform – SAM Appliance.
SAVYINT KMS supports all cryptographic functions according to the KMIP (Key Management Interoperability Protocol) standard.
Key Features
Complete key signing
lifecycle management
The entire key management lifecycle has been supported in SAVYINT KMS from: creation, maintenance, protection, control of key documents and can be used through the standardized KMIP interface
Separate key management
for each entity
Allows for the establishment of management and private access roles for each personnel, department, and for each type of signing key: device security signing key, data encryption signing key, signing key for digital documents of organizations, individuals…
KMIP interface
The KMIP interface allows for easy integration of existing applications. KMIP requires all management activities for digital certificates or signing keys to be stored and managed by the KMS key management system. The KMIP standard includes activities that simplify the creation and control of symmetric and asymmetric cryptographic keys and digital certificates.
REST interface & integration
In cases where the KMIP protocol does not provide the necessary functionality, the REST interface will be used to support the integration of various applications. Protocols such as PKCS#11 or JCA/JCE are used to facilitate integration.
Integration with multiple independent providers
SAVYINT KMS supports integration with various HSM providers to securely store and protect the signing key system.
Control & compliance
The system is capable of managing, clearly authorizing, ensuring accurate distribution of user access rights to each corresponding signing key
Easy feature addition
- Log recording/checking
- Remote control and monitoring
- Access to documents from various applications
- HSM management