Beginning with se.SAM™ N-Series version 5.0 – planned for summer 2022 – sematicon AG will offer a HSM based PKI solution for IT and industrial use. The Certificate Authority (CA) will be available as an integrated software module on se.SAM™ N200 Crypto Appliance and se.SAM™ NX200 24-48V Industrial DIN_rail fan-less appliance.
Positioning of se.SAM™ PKI
Following the N200 core concepts all CA and sub-CA keys are crypto keys held in hardware. These CA keys are managed in the intuitive N200 admin GUI and synchronized within HSM clusters. CA keys are included in automatic backups and no limitation on numbers of keys, crypto operations, or accessing clients apply.
| Typical CA installations | se.SAM™ PKI | |
|---|---|---|
| Distribution | Software only | Plug & play hardened appliance |
| Update | Manual update process of OS and application required | One-step appliance firmware update process with fallback option |
| Keys | Software only | Plug & play hardened appliance |
| Scope | CA server limited to 1 CA most common 1 Root-CA or 1 Issue-CA | N200 appliance supports a nearly unlimited number of Root-CAs and Issue-CAs |
| Availability | Dependent on a single physical or virtual server | Full-redundant HSM cluster with up to 64 instances |
| Backup | Implementation dependent | Out-of-the-box backup for keys, templates, issued CAs, and certificates |
| License | Typical licenses required for server and number of issued certificates | Flat-fee license, se.SAM™ PKI covers unlimited CAs and certificates for company internal and external use |
| Algorithms | Often still focuses on RSA keys | Wide support of ECC algorithms including SECG, NIST and Brainpool curves, as well as RSA keys |
| Key Distribution | Varies from vendor, typical manual approval process and handling of file-based certificates | Manual issuing is supported, but focus on REST API for certificate signing requests with automated issuing |
| Target Market | IT | IT, Industry, IoT and Embedded Systems |
Enclosed a functional overview of se.SAM™ PKI and its services and results.
se.SAM PKI functional overview
Read more about:
And also about our Hardware Based Security Solutions:
- se.SAM™ U110 and U210 USB Modules For secure certificate and key storage
- se.SAM™ P210 and P220 MiniPCIe Modules For secure certificate and key storage
- se.SAM™ Embedded For secure certificate and key storage in embedded systems
- se.SAM™ N200 19″ Network Crypto Appliance optional PKI Module
- se.SAM™ N200X Industrial Crypto Appliance DIN-rail network HSM, 24-48V DC, with optional PKI Module
For more information contact us:
Contact us
Weitere Beiträge
https://www.sematicon.com/wp-content/uploads/2022/08/600percent.jpg
542
542
Michael Walser
https://www.sematicon.com/wp-content/uploads/2019/03/sematicon.png
Michael Walser2022-08-24 14:13:072022-08-29 20:44:37600% less cryptographic overhead for X.509 certificates
https://www.sematicon.com/wp-content/uploads/2022/08/se.SAM-PKI-2.png
542
542
Michael Walser
https://www.sematicon.com/wp-content/uploads/2019/03/sematicon.png
Michael Walser2022-08-17 17:05:032022-08-29 20:44:38IoT PKI – se.SAM™ PKI Mockup
https://www.sematicon.com/wp-content/uploads/2022/08/se.SAM-PKI.png
542
542
Michael Walser
https://www.sematicon.com/wp-content/uploads/2019/03/sematicon.png
Michael Walser2022-08-11 13:50:412022-08-29 20:45:09X.509 Tutorial: 5 ways to issue certificates for IT services, users, clients, and IoT devices
