What is EKMI? Enterprise Key Management Infrastructure Take the tour.

12
What is EKMI? Enterprise Key Management Infrastructure Take the tour

Transcript of What is EKMI? Enterprise Key Management Infrastructure Take the tour.

Page 1: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

What is EKMI?Enterprise Key Management Infrastructure

Take the tour

Page 2: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

Enterprise Key Management Infrastructure or EKMI is a collection of technology, policies, and procedures for managing all cryptographic keys in the enterprise.

Page 3: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

EKMI is:

A Single place to manage all keys

A Standard Protocol

Platform and Application Independent

Scalable to millions of clients

Always available, even during network failure

...and of course, extremely secure

Page 4: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

EKMI is comprised of:

Public Key Infrastructure, or PKIThis is used for digital certificate management,strong-autentication, secure storage, and transportof symmetric encryption keys

Symetric Key Management System, or SKMS

PKI

SKS Server - for symmetric key managementSKCL - for client interactions with SKS Server

+SKMS= EKMI

Page 5: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

Lets See How This All Works Together...

Page 6: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

SKCL

Application

Client

Client Application makes a request for a symmetric key

SKCL makes a digitally signed request to the SKS

Network

Server

SKS verifies SKCL request, generates, encrypts, digitally signs & escrows Key in the Database

Application Server

DB Server

Crypto Module

Crypto HSM provides security for RSA Signing & Encryption Keys of SKS

SKS responds to SKCL with a signed and encrypted symmetric key

SKCL verifies response, decrypts key and hands it to the Client Application

Page 7: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

What does this mean in practical application...

Since the Keys are generated and “Leased” at the application level, data remains encrypted and secure, not only at rest on the server, but also through transit.

Page 8: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

The Financial Solution

ATM

Bank Teller

Point of Sale

Bank Branch

Retail

Network

Financial Institution

SKS Server

Central Database

Information can now be sent encrypted securely over standard lines, and be decrypted at the application level.

Page 9: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

The Helthcare Solution

Records

Doctors Office

EMT

Network

Hospital

SKS Server

ER Applicationand Database

Patient Information can be shared securely and quickly for efficient care.

DoctorsTablet

EMT in Field

PatientRegistration

ER Nurse

Page 10: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

Solutions to Symmetric Key Barriers

Slow Multi-Core PCs

Complex Higher Level APIsDesign StandardsEducation

Expensive Open Source

Lack of Standards OASIS EKMI-TC

Page 11: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

But its not too late!

Securing the Coreshould have been Plan A from the beginning.

Page 12: What is EKMI? Enterprise Key Management Infrastructure Take the tour.

OASIS EKMI-TC is driving new key-management standards that cuts across platforms, applications and industries.

Get involved!