How is nCipher helping partners deliver trustworthy and eIDAS compliant services?
nCipher Security puts great value in the strength of its partners. By working with nCipher, partners can quickly implement solutions that meet their specific needs and the needs of their customers.
Partners who wish to deliver eIDAS compliant Trust Services can create tailored solutions that use their preferred authentication mechanisms and meet their performance and scale requirements. nCipher’s current range of products allow partners and customers to build eIDAS compliant solutions for signing and sealing. nCipher partners have implemented systems that handle tens of millions of keys. A partner can create an eIDAS compliant remote signing system, which fits into their existing services, with minimum disruption to those services.
Through an involvement with standards such as EN 419 221-5 and EN 419 241-2, nCipher is ensuring that customers can deploy remote signing systems now, knowing that they will be eIDAS compliant as these standards come into force.
EN 419 221-5 "Protection profiles for Trust Service Providers (TSP) Cryptographic modules - Part 5: Cryptographic Module for Trust Services" is a Common Criteria Protection Profile for hardware security modules (HSMs), edited by nCipher.
EN 419 241-2 "Trustworthy Systems Supporting Server Signing - Part 2: Protection profile for QSCD for Server Signing " is edited by Cryptomathic, and strongly supported by nCipher.
As well as supporting local signing, EN 419 221-5 provides a foundation that Protection Profiles for other trust services can build on: EN 419 241-2 is one such example. We can expect trust services for secure delivery, time stamping, long term document preservation, and others, to also mandate and make use of EN 419 221-5. This building block approach speeds up approval of Trust Service Protection Profiles and makes it simpler for TSPs to deliver compliant solutions.
nCipher has created an EN 419 221-5 Security Target for its nShield XC range of HSMs. The Security Target focuses on the nShield nCore APIs and the CodeSafe secure execution environment interface. Thus any application written to the high-level languages that build on nCore (Java, PKCS#11, CNG, CAPI), as well as any CodeSafe application, can be eIDAS compliant.
The Target of Evaluation is the Solo XC cryptographic module. This means that the module itself, and any appliance it is used with, can also be eIDAS compliant. Both the Solo XC and Connect XC HSMs will be certified to EN 419 221-5: this will provide eIDAS compliance for Europe in particular, and the Common Criteria recognition required in many other parts of the world.