What is EKMI? Enterprise Key Management Infrastructure Take the tour.
Transcript of What is EKMI? Enterprise Key Management Infrastructure Take the tour.
What is EKMI?Enterprise Key Management Infrastructure
Take the tour
Enterprise Key Management Infrastructure or EKMI is a collection of technology, policies, and procedures for managing all cryptographic keys in the enterprise.
EKMI is:
A Single place to manage all keys
A Standard Protocol
Platform and Application Independent
Scalable to millions of clients
Always available, even during network failure
...and of course, extremely secure
EKMI is comprised of:
Public Key Infrastructure, or PKIThis is used for digital certificate management,strong-autentication, secure storage, and transportof symmetric encryption keys
Symetric Key Management System, or SKMS
PKI
SKS Server - for symmetric key managementSKCL - for client interactions with SKS Server
+SKMS= EKMI
Lets See How This All Works Together...
SKCL
Application
Client
Client Application makes a request for a symmetric key
SKCL makes a digitally signed request to the SKS
Network
Server
SKS verifies SKCL request, generates, encrypts, digitally signs & escrows Key in the Database
Application Server
DB Server
Crypto Module
Crypto HSM provides security for RSA Signing & Encryption Keys of SKS
SKS responds to SKCL with a signed and encrypted symmetric key
SKCL verifies response, decrypts key and hands it to the Client Application
What does this mean in practical application...
Since the Keys are generated and “Leased” at the application level, data remains encrypted and secure, not only at rest on the server, but also through transit.
The Financial Solution
ATM
Bank Teller
Point of Sale
Bank Branch
Retail
Network
Financial Institution
SKS Server
Central Database
Information can now be sent encrypted securely over standard lines, and be decrypted at the application level.
The Helthcare Solution
Records
Doctors Office
EMT
Network
Hospital
SKS Server
ER Applicationand Database
Patient Information can be shared securely and quickly for efficient care.
DoctorsTablet
EMT in Field
PatientRegistration
ER Nurse
Solutions to Symmetric Key Barriers
Slow Multi-Core PCs
Complex Higher Level APIsDesign StandardsEducation
Expensive Open Source
Lack of Standards OASIS EKMI-TC
But its not too late!
Securing the Coreshould have been Plan A from the beginning.
OASIS EKMI-TC is driving new key-management standards that cuts across platforms, applications and industries.
Get involved!