This article discusses the various issues around key management and presents Cryptomathic’s approach to central key and crypto management that has been adopted by major banks.
This article discusses the various issues around key management and presents Cryptomathic’s approach to central key and crypto management that has been adopted by major banks.
Digital signatures (and the accompanying concepts of encryption and authentication) have been a critical aspect of electronic communications for several years now, and both regulatory bodies and businesses continue to demonstrate a vested interest in the continued growth and advancement of this field.
A popular point of discussion and research among businesses in the EU is eIDAS, the EU regulation on the use of identification and trust services for electronic transactions in the internal market. Not only is eIDAS required for legally-compliant digital signatures, it's also part of a greater picture of technological innovation and growth within the EU.
With the ever-growing number of electronic transactions and documents, the use of digital signatures make it possible to trust and act upon these transactions as if they were printed on paper and signed by a trusted source. Digital signatures are used as a proof of authenticity, data integrity and non-repudiation of communications conducted over the internet.
This article describes 7 drivers for successful digital signature services.
Malware infections have become more evolved and sophisticated. Similarly, the technologies for preventing malware threats and attacks have evolved to use a multi-layered approach.
The term malware is short for "malicious software." Malware is designed to harm computer systems or networks, typically to gain access for monetary gains. Different types of malware are designed for specific categories of infections such as Adware, Spyware, Worm, Trojan, Keyloggers and Ransomware.
This article discusses the 5 protective measures for securing key management systems from malware threats within an organization.
With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers.
A Key Management System (KMS) must be designed in a manner that supports the goals of each organization using the KMS. The aim of a security policy is to provide a secure working environment for the organization by establishing required security measures, protocols and controls.
User interface design and usability are the deciding factors in attaining a good user experience for most IT deployments, including key management systems (KMS). The most significant constraint to the use of a KMS is the difficulty that some systems present to the non-specialist users.
User interfaces (UIs) that adapt to the expertise of the user can guide a new and less-trained user, while permitting an expert to use efficient shortcuts and to bypass step-by-step guidance.
This article presents high level recommendations on efficient user interface design for a key management system.
Independent third-party testing is required for identifying, detecting, and eliminating flaws in a key management system (KMS). Third-party testing organisations frequently have specialised facilities and expertise to carry out testing and provide objective testing reports. These activities should be performed on each module, including the security functions and protective measures used by each module. This article covers the benefits of third party testing for a key management system.
A cryptographic zone exists between two points, where a symmetric key or asymmetric public keys are shared in order to encrypt sensitive information. Once the key, or keys have been exchanged, data, and in some cases other keys, are encrypted within this zone.
