 |
|
Key Management Services |
|
|
VeriSign's Key Management Services provides
the industry's most secure key management and recovery solution for
enterprises deploying public key infrastructure (PKI) to secure a broad
array of network applications. State-of-the-art technology provides
enterprises with a complete key management solution which includes centralized
key generation, distribution and backup capabilities, archiving of key
histories and dual key pair support, coupled with a two-step recovery
process which provides far greater security than in-house software alone.
Features and Benefits
- Dual Key Support
Key Management Services supports dual keys by providing central generation
and back-up of encryption keys, along with distributed generation of
signing keys. It is the industry's leading solution for non-repudiation
because it combines this support for dual key pairs with strong security,
audit and archive functions. Dual key pair support is critical for applications
that utilize both encryption and digital signatures. An end user needs
one key pair for encryption and another for digital signing, so that
the encryption key pair can be backed up without compromising the integrity
of the user's digital signatures
- High-Security Key Recovery
VeriSign's Key Management Services offers a unique approach to key management
that provides the highest security available. It combines local software
and backup of the key pairs with a key-recovery service located at VeriSign.
Private keys are stored at your enterprise in a secure, encrypted form
that provides strong protection without requiring you to build a high-
security facility. Recovery of a key pair is achieved by retrieving
from VeriSign a unique key that can unlock the backed-up version of
that specific key, but without your end user encryption keys ever leaving
your premises. There is no single point of compromise in the system;
even a potential intruder with a complete copy of the database of backed-up
keys will not be authorized to get from VeriSign the recovery keys needed
to access the database
- Centralized Key Management
The centralized key generation functions in Key Management Services
allow an enterprise administrator to set up an end user's security and
thus simplify the process for users. The administrator can easily and
quickly generate encryption key pairs, trigger a client application
to generate a signing key pair, coordinate certificate acquisition for
both key pairs and distribute the keys and certificates to the end user,
without the end user having to register and request a certificate. Enterprises
deploying PKI primarily for authentication, access control or non-repudiation
without encryption may not need dual key support and key recovery, but
they can still benefit from the centralized management capability. Key
Management Services significantly reduces end-user support burdens and
PKI deployment time, and brings to Managed PKI the broadest range of
registration and distribution options available
Key Management Services is part of the VeriSign
Managed PKI product line. It works with Microsoft IE, Outlook XP, 2000,
and 98, IBM Lotus Notes R5 and Netscape Communicator, as well as with
applications enabled with VeriSign-compatible toolkits. Key Management
Services does not require proprietary client software and allows you
to build and operate a best-of-breed enterprise security solution.
|
|
|
