Next Generation Embedded PKI™ Architecture

The Business Need

  Get Started Today
 

• Solution Features
 

• Schedule a Custom Evaluation Program

 

• Request a Free
Security Assessment
 

• Download Information at our Resource Center
 

• Contact Sales
   

Despite enterprises increasing security needs, the majority of Public Key Infrastructure (PKI) implementations have failed because of their inherent complexity and difficulty in implementation. Many organizations have had such negative experiences that they have scaled back or abandoned them altogether, falling back on traditional SSL/VPN and password techniques. Organizations now require a low-cost, easy-to-deploy PKI solution that provides the increased level of security required to operate safely in today's complex threat environment.

The Secure Methods Difference

SecureMethods provides a low-cost, easy-to-deploy embedded PKI infrastructure that allows organizations to create the highest level of security possible. SecureMethods provides encryption, authentication, authorization and audit capabilities for all transactions. In addition to providing these benefits, SecureMethods also eliminates the need for passwords while protecting you from the problems inherent in IIS and Windows™ server flaws.

The SecureMethods solution has been developed to address the issues of deployment and cost of advanced security solutions and is unique in its ability to significantly reduce the cost of deployment and increase the ease of use.

Features and Benefits

The SecureMethods architecture protects data against four basic threats: disclosure, forgery, corruption, and repudiation. This architecture supports public key cryptographic schemes that provide a high level of security for transmitted and stored data. The SM architecture also:

  • Combines symmetric cryptographic algorithms with public key-based key exchange to protect data from disclosure.
  • Uses public key digital signature algorithms that incorporate a cryptographic hash to guarantee the integrity and origin of the data and prevent forgery and corruption.
  • Provides public key certificates with time-stamped digitally signed receipts. This prevents repudiation of data.
  • Supports FIPS 140 approved standard 168 bit triple DES and AES 256 for bulk encryption of transmitted data.
  • Supports the integration of NIST FIPS 140-1level 2 cryptographic mechanisms.

The SM architecture includes SM Gateway™, which mediates network transactions to protected servers and ensures that all data is securely transmitted or received. SM Gateway™ can work either in parallel or in conjunction with existing firewall. This level of security, ease of use, and rapid deployment is only available with the SM embedded services model. SecureMethods technology and the SecureMethods (SM) architecture offer users the ability to secure data and transactions through encryption, strong authentication, and role-based authorization.

The SM Gateway™ supports a variety of encryption technologies and securely processes data that has been encrypted and authenticated via digital signatures, smart cards, or biometric methods irrespective of how the transmission was created (out of a web browser, email, or desktop). SM GatewayTM features the same ease of use and operates in the same way without regard for the type of connection -WAN, LAN, wireless, or dialup. SM Gateway™ also enables centralized authorization management, access control, and audit functions.

SM Client™, a no-cost software module seamlessly integrates into, and operates with industry standard web browsers to offer full digital signature support and non-repudiation services for transfers executed from within the browser environment. SecureMethods makes these features available fully free of charge. SM Client™ provides users the ability to encrypt and/or digitally sign any Windows-based file, including office suite, database, graphics, or multimedia files.

In addition, SM Client™ provides:

  • Seamless interface to SM Gateway™
  • Public key signatures for data origin authentication
  • Data encryption to protect sensitive data
  • Permits users to transparently access protected web sites if properly registered and authorized
  • Permits users to decrypt files that others encrypted for them
  • Easy-to-use graphical interfaces
  • Easy to use InstallShield interface

Implementation Example

Many financial services firm have tried to implement an enterprise-wide PKI solution using traditional methods but have been unable to achieve full deployment. Traditionally the barriers to implementation include cost, complexity and difficulty in getting users to change their behaviors. SecureMethods Gateway/Client solution can be implemented for 100 users in less than 30 days throughout financial services enterprises, providing encrypted, digitally signed and auditable transactions using an embedded PKI solution that is transparent to end-users.

The Challenge

If you're looking to implement embedded PKI in your organization, we offer two services that will prove to you that the next generation is the only viable option. SecureMethods will come to your site and help you develop an evaluation program, or we can provide a free security assessment and show you how our solutions can meet your your PKI needs.

    
           
 

© SecureMethods (Legal Notices)