Management of Private Keys, Public Certificates and Digital Assets.
EgisData integrates with secure and scalable Key Vaults, which generate Private
and Public Keys according to NIST and FIPS specifications. EgisABAC, the Attribute Based Access Control policy engine, enables defining detailed policies managing accessibility to resources based on; a user’s digital identity, allowed access date and
time, number of times accessed, and any other attributes established by the user.
The policies are digitally signed, and signatures are verified by the EgisABAC before the policy can be executed. The policies can be stored in EgisData secured storage or can be passed to EgisData via API.
EgisData preserves Digital Assets safely in a PKCS12 compliant vault. Developers can use PKCS11 client library to access crypto material. Such a method would allow integration of traditional HSM with V-HSM EgisData and re-use legacy applications.
Alternatively, developers can use simple RESTful API and access most crypto functions available under the PKCS11 interface. The RESTful API enables developers to rapidly begin securing digital assets without need of being a cryptographer or deep knowledge of the
complex PKCS11 interface.
Management of Data Privacy and Confidentiality
EgisABAC, the Attribute Based Access Control policy engine,enables defining detail
policies, managing accessibility per individual documents. Secured sharing of documents is not a challenge anymore, when you use EgisABAC.
The policies are written in the simple business rule language, Epsilon. Policies can also be generated using UI. Each document is encrypted by its own key and access to the decryption process is guarded by the set policy.
Bridging HSM with V-HSM under a single Control Panel
Many organizations are invested in Hardware Security Modules and struggle today
with moving their key encryptions to cloud. Modern application development calls
for agile security. The agility applies from adopting new cryptographic functions to
scaling out use of encryption keys per record or per document. Current HSM devices
struggle with both agility and scalability.
The EgisData platform can act as a bridge between traditional HSM and V-HSM.
Developers can start developing new application using V-HSM, and older applications
can use an older interface PKCS11. Overtime the organization can migrate to V-HSM,
or support both environments. Such capabilities will enable organizations to migrate all applications to cloud,reduce risk of downtime, and significantly reduce operations cost of
modules responsible for managing key and encryption.
Additional layer of authorization policy EgisABAC will enable runtime changes
to policies and real-time audit of polices govern accessed secured resources. Accessibility is based on Zero Trust Security where Principal is digitally verified before access the protected resource based on set and signed Policy for the resource.”
Request More Information
Fields marked with an asterisk (*) are required.