English | 中文


Contact Us

  • Contact:北京炼石网络技术有限公司
  • Phone:010-88459460
  • Address:北京市海淀区北三环西路32号楼7层0710-1
  • Zip Code:100097

Position: Products

Key Management System

Product Overview

CipherGateway Key Management System (abbreviated as: KLM) provides full life cycle management of keys, including key generation, key storage, key distribution, key backup, key update, key revocation, and key archiving, key recovery and security management, etc.
CipherGateway Key Management System has passed the inspection of the State Cryptography Administration, and follows the requirements of the "Certificate Authentication Key Management System Testing Specification" and the "Cryptographic Device Management Symmetric Key Management Technical Specification" issued by the State Cryptography Administration, and adopts leading technologies. By combining with the authentication system, it can provide technical and strategic security guarantees for PKI application field.

Product Features

Support KMIP Protocol KMIP protocol is used to transfer data between KLM and cryptographic machine.
Business-based Key Usage Audit All operations in the KLM system will be recorded in details, operator signature information will also be recorded accordingly, and audit operators can audit the logs.
Provide A Variety Of Business-level InterfacesIt is simple and convenient to integrate with the application system, and accurately locate the data assets by tracking the running track of keys, ensuring the security situation of the application system.
Compatible With Various Cryptographic Machines It can pass keys to cipher machine, and receive ciphertext and plaintext that have been processed by cipher machine. It is compatible with various interfaces of authentication center, and issues keys to authentication center through the interface, as well as receives keys from or pass key to the authentication center.
Convenient And Easy-to-use Maintenance And Diagnosis TechnologySupports data self-destruction. When the device is opened illegally and abnormally, the internal data destruction program will destroy keys and other security-related data stored in the device to prevent data from being illegally read.

Product Functions

Secure Storage Of Keys A secure processor core is used as the key storage component to ensure the secure storage of keys.
Support Random Number GenerationUse hardware to generate random numbers, and the generated random numbers conform to the "Random Number Testing Specification" promulgated by the State Cryptography Administration.
Support Three-tier Key SystemThree-tier refers to local master key, member master key, data key
Excellent Key ManagementProvide full life cycle management of keys, such as generation, encrypted transmission, storage, import, deletion, and destruction. Key deletion supports the deletion of symmetric and asymmetric keys with specified index numbers
Support System Log Audit Examine cryptographic Server HSM’s operation condition, monitor the operation status of the hardware and software of cryptographic Server HSM, and automatically recover or alarm for malfunction
Support Printing Key EnvelopeProduce and print the random key envelope through the console, and save keys synchronously to the device
Get Produce White Paper

CipherGateway dedicates in making data sharing safer and more valuable. For your business scenarios, we will recommend more professional and high-value solutions and products. Look forward to your contact. 010-88459460 Request Free Trial