The IBM mainframe series (“z-series”) has become a backbone for security, privacy and resilience in a large share of payment and banking related applications across the globe. This article explains why a cryptographic key management system (KMS) that supports the hybrid-cloud is a prerequisite to effective and compliant security management of these mainframes.
Read moreThe protection and secure management of cryptographic keys is crucial for ensuring that cryptography is used in the most effective way to keep data secure. Picking the wrong key management system (KMS) can thwart all the efforts that have been made in using cryptography to protect information.
Read moreATM Remote Key Loading has become a common practice in the industry. Yet managing the top-level keys to establish trust between the Host and the ATM units remains a challenge. This article describes how Cryptomathic CKMS addresses the challenges of key generation and distribution for ATM Remote Key Loading.
Read moreThis article explains the concept of meta-data in the context of cryptographic keys, explaining why it is used and the necessity to manage it well.
Read moreA key management system is a critical component in achieving PCI DSS compliance for a banking institution. It involves implementing a crypto system that manages the secure creation, exchange, distribution, storage and use of cryptographic keys for the ultimate goal of protecting users’ or clients’ sensitive data.
Read moreWith the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers.
Read moreUser interface design and usability are the deciding factors in attaining a good user experience for most IT deployments, including key management systems (KMS). The most significant constraint to the use of a KMS is the difficulty that some systems present to the non-specialist users.
User interfaces (UIs) that adapt to the expertise of the user can guide a new and less-trained user, while permitting an expert to use efficient shortcuts and to bypass step-by-step guidance.
This article presents high level recommendations on efficient user interface design for a key management system.
Read moreIndependent third-party testing is essential for identification, detection, and elimination of defects in a key management system (KMS). The third-party testing organizations often have specialized facilities and expertise to carry out the testing and offer unbiased testing reports. These testing and validation activities should be performed on each module including the security functions and the protective measures employed by each module. This article discusses the benefits of third party testing for a key management system.
Read moreThis article discusses how various factors and related controls can affect the effectiveness and strength of the security protection for a cryptographic system.
It gives particular consideration to the requirements of the Payment Card Industry (PCI)
Read more
