SAVYINT PKI in a box TSA
Your CA, Your Rules
Time Stamping Authority
Compatible with Web Trust, eIDAS Qualified Timestamp, CA/B forum standards
Savyint PKI in a Box is a solution for deploying Public Key Infrastructure (PKI), packaged in a box hardware device with an accompanying Hardware Security Module (HSM).
Savyint PKI in a Box includes a hardware HSM system and fully integrated software within a single device, designed to meet the needs of building a dedicated internal PKI infrastructure. With Savyint PKI in a Box, organizations and businesses can independently manage the registration, issuance, management, timestamp and revocation of digital certificates internally, without limitations on the number of certificates. It is easy to install and deploy, offering a significantly lower investment cost compared to other PKI solutions. Savyint PKI is the first Certification Authority (CA) authorized to issue SHA-256 digital certificates.
The product is compact, portable, and easy to install, seamlessly integrating with the existing information systems of businesses/organizations. Its flexible feature set can be quickly customized or expanded to meet the specific needs of a business, adapting to its growth and changing requirements over time.
Full compliance with international standards
- Server Appliance with FIPS 140-2 level 3 compliance
- Compliance with ISO 9001:2015, ISO 14001:2015 and ISO 27001:2022
- Data security standards compliance: GDPR, SOC 2 Type II, HIPAA & PCI DSS
- HSM Hardware: FISP 140-2 Level 3, FIPS 140-3 Level 3, CC EAL4+ AVA_VAN.5 or Common Criteria EAL4+ (EN 419 221-5) certified
- Rest API Service Interface
- Real-time validation with CRL and OCSP
- Adherence to General Data Protection Regulation (GDPR)
- Fully compliant with RFC 3161 and RFC 5816; ETSI standards including XAdES-T, CAdES-T, PAdES-T supporting ETSI EN 319 421; satisfies the Time Stamp Profile ETSI EN 319 422 used for Qualified Timestamps and also AATL timestamps
Benefits
- Optimizes with TSA Cryptographic Software and Hardware (HSM) integrated into a single box, which considerably reduces the cost of the product and the time needed to install it through the PKI Box platform
- Easy and quickly setup TSA with PKI Box system
- Long-term cost savings with the PKI Box system
- Independent and separate, unaffected by third parties
- Simple maintenance and servicing
- Easily outsourced for management/operations to a trusted provider
- HSM Hardware inside: FISP 140-2 Level 3, FIPS 140-3 Level 3, CC EAL4+ AVA_VAN.5 or Common Criteria EAL4+ (EN 419 221-5) certified
- User-friendly dashboards for reporting, alerting, logging, and insight
Features
- Time stamping protocol according to the RFC 3161 and RFC 5816 standard
- TSA system can synchronize its own clock with an external time source via the NTP protocol, though it can be adapted to use any synchronization device (GPS, cesium clocks, etc.)
- Easy system administration via HTTPS requiring a digital operator certificate
- Meets the needs for a specialized TSA for the IT infrastructure and internal applications of clients
- Interoperability: TSA Server works with any RFC 3161, 5816 or Microsoft Authenticode compliant client including Microsoft Office and Adobe Acrobat
- Supports installation and integration across management models from basic to advanced (High Availability, DR/DC, Multi DC)
- HSM hardware device inside: eIDAS and Common Criteria EAL4+ certifications, including AVA_VAN.5 and ALC_FLR.2, as well as EN 419 221-5 Protection Profile or FIPS 140-2 Level 3, FIPS 140-3 Level 3
- NTP Support: Works with Stratum2 & 3 NTP servers and GPS NTP Servers to ensure accurate, trusted time
- Supports compliance with CE, RoHS, FCC