:: e-Security Company ::

Overview

Configuration

Feature

Operation System

'KSignKMI(Key Management Infrastructure)' is the product to manage crypto keys that contains confidential document and personal information at PKI-based system.'KSignKMI' carries out key escrow to prevent from losing or reproducing secrete key for encryption, prevent from unauthorized exposure of enterprise/organization's digital asset, and prevent from losing keys on purpose by administrator.

'KSignKMI' is a KMI(Key Management Infrastructure) solution that administrates crypto keys containing critical data (e.g. identification data, document detail) of PKI-based certification service system.

'KSignKMI' prevents from losing and reproducing private key for encryption, prevents from unwanted disclosure of enterprise/organization's digital assets, and handles key escrow for private key for encryption to prevent administrators to deliberately losing keys.

It is important to deploy KMI system that is capable of back up the crypto key containing critical data and use the backup data whenever required.

	Convenience/Ubiquitous era
	People can enjoy online stock trading service continently through key roaming service at any time, any where and any device.
	Prevent dysfunction of cryptography
	Once KMI is implemented, dysfunctions caused by using cryptography can be prevented in such case where user loses or damages his or her crypto keys and become unable to reach the original encrypted information.
	Fast data recovery
	Inevitably, if the holder is not able to use the crypto key, important data can be promptly recovered when anyone satisfies the certain conditions.
	Increased trust for CA
	Even if the crypto key is lost, the data of important information can be recovered, and keys will be efficiently managed as well. Hence, CA will gain more trust.

(1) Key escrow service

	Provide online key escrow service that interoperates public CAs and private CAs
	Escrow critical information such as user private key and certificate information
	Provide database backup function depends on the policy setup
	Provide 'Private Key Sharing' and save function
	Provide key management audit recording

(2) Key recovery service

	Provide PKCS#7 format key recovery service via online
	Provide real-time key recovery by combining key recovery information from stored key information.

(3) PKI roaming service

	Provide PKI roaming service
	Make private key and certificate available to use through roaming
	Dispose any roaming information if verification is failed

KSignKMI IN USE

KSIGN was appointed as the government information security researcher and product developer, and developed the first KMI(Key Management Infrastructure) solution in the country.
According to such reputations gained for the above facts, KSignKMI has considered to be deployed in many government operations for the part of eGovernment and GPKI (Government PKI). 'KSignKMI' will ensure firm, safe and enhanced key management environment for government's network.

Especially, there are undergoing discussions on how to safely manage keys that containing critical information, and several organizations and enterprises that servicing public CAs and private CAs have shown great interests to deploy KMI.

Since it is compulsory to have digital certificate issued by public licensed CAs to use any online stock trading from March 2003, the management for crypto keys used in certification has become important issue for financial institutions. Therefore, KSIGN has already deployed 'KSignKMI' with enhanced key roaming service for financial institutions that servicing online stock trading to allowing their customers to enjoy online stock trading from anywhere and anytime with using crypto key.

While 'KSignKMI' enables safe Internet environment for enterprises, eCommerce, and online financial services, it also provides first class digital safety for general enterprise's private CA service using intranet groupware that 'KSignKMI' is not only providing trusted security for Public Licensed CAs and for the Government.

'KSignKMI' is capable of interoperating with various PKI products; certification system (PKI), Data Validation and Certificate Server (DVCS), Key Management Infrastructure(KMI), Extranet Access Management(EAM), PKI-based Conditional Access System(CAS), Data Encryption Solution(SWAT), Application Security Toolkit (KSignCASE) and other several PKI products.

	KSignKMA
	- Platform: SUN / HP / IBM / COMPAQ - OS: Unix - Smart Card Reader: ISO7816, ISO10373 (RS-232)
	KSignKRA
	- Platform: SUN / HP / IBM / COMPAQ - OS: Unix - Smart Card Reader: Supports ISO7816 and ISO10373 (RS-232)
	User (KSIGN Certificate API for Secure E-Network)
	- Platform: x86 System (Pentium II 200Mhz) - OS: Windows 98/NT/2000/XP - Smart Card Reader: Support ISO7816 and ISO10373 (RS-232)