Scribd Logo
Upload

Welcome to Scribd!

  • 299 views

    PrimeKey SignServer Enterprise 11

    Uploaded by

    ssss
    The document describes PrimeKey's SignServer Enterprise, a versatile server-side application capable of performing large-scale cryptographic operations and digital signatures. It supports standards like TSA, MRTD, PDF, CMS and code signing and can integrate hardware security modules for key security. The software is designed for flexibility, high availability, security and integration into other systems.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    PrimeKey SignServer Enterprise 11

    Uploaded by

    ssss
    299 views2 pages
    The document describes PrimeKey's SignServer Enterprise, a versatile server-side application capable of performing large-scale cryptographic operations and digital signatures. It supports standards like TSA, MRTD, PDF, CMS and code signing and can integrate hardware security modules for key security. The software is designed for flexibility, high availability, security and integration into other systems.

    Original Description:

    PrimeKey SignServer Enterprise

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document describes PrimeKey's SignServer Enterprise, a versatile server-side application capable of performing large-scale cryptographic operations and digital signatures. It supports standards like TSA, MRTD, PDF, CMS and code signing and can integrate hardware security modules for key security. The software is designed for flexibility, high availability, security and integration into other systems.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    299 views2 pages

    PrimeKey SignServer Enterprise 11

    Uploaded by

    ssss
    The document describes PrimeKey's SignServer Enterprise, a versatile server-side application capable of performing large-scale cryptographic operations and digital signatures. It supports standards like TSA, MRTD, PDF, CMS and code signing and can integrate hardware security modules for key security. The software is designed for flexibility, high availability, security and integration into other systems.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 2

    PrimeKey Solutions AB

    All rights reserved


    sales@primekey.se
    +46 873 561 01

    SignServer Highlights:

    Highly scaleable,
    PrimeKeys SignServer Enterprise is a versatile server-side application, providing for high
    capable of performing complex cryptographic operations, even at very transaction loads
    high loads. SignServer Enterprise is suitable for Trust Center environ-
    ments. Out of the box: TSA,
    MRTD, XML, PDF,
    Large Scale, Cryptographic Processing CMS, Code Signing
    SignServer Enterprise provides built-in modules for fully controlled, crypto-
    graphic processing, utilized for signing documents and code. Signing can be Transaction logging
    done large-scale, guaranteeing both availability and speed. One or several and archiving
    Hardware Security Modules (HSMs) can be integrated to secure signature keys. capabilities
    Centralized and Auditable Digital Signatures Supports leading
    In large organizations, the digital signature keys for documents and code are hardware security
    commonly spread out in several places, using different security policies. How- modules (HSMs)
    ever, from an audit and maintainability point of view, it is often convenient to
    centralize cryptographic operations. Using SignServer, all signature operations Proven in practice for
    are brought into a single, auditable server, making security, control and audit a enterprise and national
    breeze.
    eID and ePassport
    Many Standards, One Solution installations
    SignServer supports many standards for server-side document processing. Ability to customize or
    After using SignServer in one area, it is fairly easy to add new modes of opera-
    tions, thus avoiding costs of both additional hardware purchases, and training
    add new types of
    your personnel with new products. document processing

    SignServer can be deployed as:


    Secure log & audit by
    Time Stamp Auhtority (TSA), RFC#3161 and MS Authenticode using CC EAL4+
    Machine Readable Travel Documents (MRTD) signer, for ePassports certified CESeCore
    PDF signer, including support for visible signatures, embedded CRLs library
    and OCSPs
    Cryptographic Message Syntax signer (CMS, PKCS#7)
    MS Authenticode code signer
    Java code signer
    Android code signer

    Designed for Flexibility and Integration


    SignServer allows flexible integration possibilities, hiding the complexities of
    cryptography whenever possible. SignServer can be managed from a com-
    mand line, a graphical user interface, or be integrated directly from your own
    application using Web Services. Several development APIs are ready to enable
    custom implementations.
    Key features: TSA / Timestamp signing
    (RFC#3161 and MS Authenticode) About PrimeKey:
    Lowest Total Cost of Ownership (TCO)
    Configurable time sources
    Short project duration, with fast Monitoring of time-source status PrimeKey Solutions AB
    project deployment
    Least likelihood of disruptive ePassport Document Signer is one of the worlds
    software defects, due to mature, (MRTD) leading companies for
    widely proven open source code LDS version 1.8 support PKI solutions. PrimeKey
    Support for limiting the number of
    Least likelihood of material incidents,
    signings (i.e. ICAO limits up to
    has developed success-
    with PrimeKeys comprehensive
    services menu 100,000 signatures) ful solutions, such as
    Support for key usage period EJBCA Enterprise, Sign-
    High Security
    Multiple active logical signers with Server Enterprise and
    Two factor client authentication and
    fail-over when the sign limit is
    PrimeKey PKI Appliance.
    exceeded
    authorization PrimeKey is a pioneer in
    Cryptographic Message Syntax
    Detailed transaction logs open source security
    signer (CMS, PKCS#7)
    Hardware security modules software that provides
    Service availability across
    maintenance windows
    XML signer (XML, XAdES-BES, businesses and organi-
    XAdES-T)
    sations around the world
    Flexibility
    MS Authenticode signer with the ability to imple-
    Almost linear scalability and
    availability JAR Signer
    ment security solutions
    Configurable settings Java code such as e-ID, e-Passports,
    Integration interfaces, Android apps authentication, digital
    HTTP, WS, CLI
    API for custom implementations of signatures, unified digital
    identities and validation.
    Technical specifications: Signers
    Crypto tokens PrimeKey has its head
    PDF document processing, Authentication/authorization office in Stockholm,
    including support for: Transaction logging Sweden.
    visible signatures Archiving
    different certification levels Hardware security modules
    requesting and embedding
    SafeNet, Thales, Utimaco, AEP
    timestamp responses
    other PKCS#11-compliant modules.
    requesting and embedding CRLs
    requesting and embedding OCSP Cryptography support
    responses RSA, DSA and ECDSA keys
    PDF permissions SHA-1 and SHA-2 hash algorithms.
    server-side archiving of signed
    Enabling Software Stack
    documents to disk
    64-bit Linux operating system
    recommended
    JBoss application server.
    MySQL, MariaDB, Oracle database

    SignServer clients can be either human operated machines or dedicated servers . The clients access the SignServer
    cluster, consisting of cluster nodes and administrative console(s) . The cluster nodes are using HSMs , but can
    also use software crypto tokens for test purposes.

    You might also like