Cryptolog Identity
Cryptolog Identity is a Public Key Infrastructure (PKI) that delivers the digital certificates which ensure the authenticity, integrity, confidentiality and non-repudiation of electronic data. It helps prevent fraud while integrating easily with your current business processes.
The digital signature, digital receipt, encryption and permissions management services these certificates enable are completely transparent, so your end users do not need to understand how public keys and certificates work in order for them to make their communications and transactions more trusted and secure.
Creating a climate of trust: Why PKIs matter
In the real world, we have many different tools for proving that we are who we say we are, from driving licenses and credit cards to passports and officially signed letters of introduction. As more and more aspects of our lives start to move online, a need has arisen for an electronic equivalent to be found for these tools -- a way of proving our digital identity -- if we are to create the climate of trust that is required for e-business, e-government and e-life in general to gain widespread public acceptance.
A PKI lies at the heart of any Digital Identity Management project. Essentially, a PKI is used to manage certificates that vet and vouch for a user's identity in digital environments. Although the principal functionalities of a PKI are relatively simple (issuing, renewing and revoking digital certificates in line with the X.509 standard), a PKI is far from being a standard, uniform product. A wide range of PKI solutions exist on the market, from basic, open-source products to powerful, custom-developed tools like Cryptolog Identity.
Key benefits of Cryptolog Identity
For all your digital communications or transactions, Cryptolog Identity can provide:
- Authentication: Proof for both parties that the other participant in a communication or transaction is who he or she claims to be
- Integrity: Confirmation that a message is genuine and has not been tampered with during transmission
- Confidentiality: The encryption of sensitive communications to ensure that they are not read by any unauthorized person
- Non-repudiation: A legally-binding digital signature
- Key escrow: The secure storage of your private keys to ensure that you meet your legal obligations to allow the decryption of your encrypted data by government bodies
Cryptolog Identity is available as a hosted solution or as a fully functional, in-house PKI.
Technical specifications
Written in Java and fully compliant with all existing PKI standards, including X.509 and PKIX, Cryptolog Identity is one of the few PKIs on the market to be based entirely on custom-built, high-security components.
Building our solution from the ground up means that we also have a team of experienced developers on hand who, through our integration services, can provide you with a tailor-made Digital Identity Management solution that fully satisfies your exacting requirements.
Supported systems and standards
Cryptolog Identity supports the following systems and standards.
| Server OS Platforms | Windows 2000 Server or later, Linux, *BSD, Sun Solaris, all UNIX/POSIX platforms |
| Web browsers | Microsoft Internet Explorer, Netscape, Mozilla Suite, Mozilla Firefox, Opera |
| Certificates/CRL | X509v3, CRLv2 (X509v1 compatible; RFC 3279 and RFC 3280 compatible; manages all standard extensions, plus proprietary extensions) |
| Asymmetric algorithms | RSA, DSS, Diffie-Hellman |
| Hash algorithms | MD2, MD5, SHA1, SHA256, SHA384, SHA512 |
| Other algorithms | DES, 3DES, AES, RC2, RC4 |
| Certificate request protocols | PKCS#10, SCEP, CMP (RFC 2510), CMC (RFC 2797) |
| PKI management protocols | CMP (RFC 2510), CRMF (RFC 2511), CMC (RFC 2797) |
| Other security protocols | LDAPv3, PKCS#1, PKCS#5, PKCS#7, PKCS#8, PKCS#10, PKCS#11, PKCS#12, CMS (RFC 3369), SSL/TLS (RFC 2246), OCSP (RFC 2560), TSP (RFC 3161), S/MIMEv3 (RFC 2633, 2634) |
| HSM | nCipher (FIPS 140-2 n3) and Eracom (FIPS 140-2 n3) (Compatibility with other devices available on demand) |
| Tokens | All PKCS#11 compatible tokens |