PKI Security

Flash/Video

Get nCipher

Secure PKI Deployment with nCipher HSMs

Webinars

Best Practices for Microsoft PKI and Certificate Management Access to this document requires registration.

Solutions Sheets

HSM Deployment Strategies Access to this document requires registration.

nCipher Hardware Platforms Access to this document requires registration.

Case Studies

Microsoft PKI Access to this document requires registration.

White Papers

Windows Server 2003 PKI Access to this document requires registration.

Product Data Sheets

netHSM Datasheet

nShield Data Sheet

A Public Key Infrastructure, or PKI, is about establishing trust between applications and users built around the use of credentials for encryption, authentication and digital signatures. The most critical security issue of any PKI is the degree to which the certificates that it manages can be trusted. This in turn places a spotlight on protecting the private keys used to issue certificates – the root keys that provide the anchor of trust within the PKI.

nCipher provides hardware-based protection for these critical keys to meet today’s most stringent security standards.

Any suspicion that certificates could be bogus, altered or made available to an illegitimate user casts doubt over the whole system. This means some or all of the credentials must be re-issued at a great cost and inconvenience to the organization and its users whose ability to perform their daily work is impaired.

Hardware based key protection

It’s an established best practice that tamper-resistant hardware based systems are preferred over pure software environments to protect sensitive encryption and signing keys. Relying on “soft security”, leaving keys exposed in general purpose servers and software applications leaves them vulnerable to misuse or loss. “Hard security” controls that are tamper-resistant and minimize performance and operational impact are required.

Highly secure key protection

The nCipher suite of HSMs protects cryptographic keys in a highly secure hardware environment enabling them to be effectively managed and safely protected. Every nCipher HSM has received an independent U.S. Federal Information Processing Standards (FIPS) 140-2 security validation. This industry recognized security validation assures you can be confident that the keys critical to your PKI are protected.

nCipher HSMs are available in a variety of form factors and performance ratings to suit different deployment requirements:

For more information on a network attached HSM, Read more here on netHSM.

For more information on nShield, an HSM with a PCI card form factor, Read more here.

Using PKI to digitally sign and time stamp sensitive documents

nCipher provides a number of secure appliances to enable this functionality to be easily integrated into commercial and custom-built applications. For more information click on the links below:

Time Stamp Server allows integration of secure digital signatures and auditable time stamping functionality into applications.
Time Source Master Clock is a network appliance incorporating a high stability reference clock for the secure distribution of accurate time.