Gemalto releases HSM for the cloud, Carillon announces SCVP service
30 July, 2015
category: Contactless, Corporate, Digital ID, Financial, Government, Smart Cards
Gemalto release cloud-based HSM abilities
Gemalto announced the availability of SafeNet Luna SA 6, a hardware security module purpose-built for service providers to offer on-demand crypto processing, key management and key storage in the cloud.
The new SafeNet Luna SA delivers the scalability required to protect cloud applications and enable service providers to offer trust for their cloud environments by giving businesses total ownership of their encryption keys.
For many organizations, the option of purchasing and managing encryption keys on-premises does not align with their vision of using cloud-based infrastructure as on-demand services. In addition, service providers that want to offer higher levels of data protection are required to manage encryption solutions on behalf of their customers, which means increased liability and risk in terms of data access and complying with customer compliance requirements. As a result, these challenges have prevented many security conscious companies from migrating sensitive data to the cloud.
Gemalto’s SafeNet Luna SA platform changes the way service providers and organizations can manage and store encryption keys in cloud environments. With the new SafeNet Luna SA, cloud companies can provide the security, compliance and trust of an on-premises HSM appliance while their customers realize the cost, flexibility and performance benefits of the cloud, yet still maintain complete ownership of their keys. Organizations can now also benefit by being able to choose the appropriate data encryption strategy for their business whether that be on premise, cloud-based, or hybrid key management and storage solutions.
The SafeNet Luna SA can be separated into 100 cryptographically isolated partitions, with each partition acting as if it were an independent HSM. Within each partition, a given customer can assign multi-tiered levels of administrative access. The partitions themselves are designed to protect key material from other tenants on the same appliance, meaning different customers – or different lines of business within a single organization – can leverage the same appliance without fear of losing their keys to other tenants. In addition, service provides have no access to key material stored on any HSM partition, giving their customers the confidence that only they have access to their sensitive cryptographic keys.
Carillon releases certificate validation protocol service
Carillon Information Security Inc. announced that it now provides validation services for companies and government agencies looking for X.509 certificate path discovery and validation solutions.
This service is launched to address the growing requirements of path validation for digital credentials that need to meet the corporate and government standards. This new solution complies with directives set forth by the U.S. GSA and Federal Bridge PKI.
Server-based Certificate Validation Protocol (SCVP) has been available for many years and can manage complex path discovery and validation of certificate policies and digital credentials. From a practical standpoint, the SCVP client can query a central service and confirm the validity status of a certificate, in real or near real-time.
The centralized trust management capabilities of the RFC5055 compliant platform enable organizations to choose who they wish to trust, and to manage that trust in a dynamic way across their entire organization. With more regulatory requirements moving to mandate PKI-based digital credentials, the Pathfinder-SCVP is a form of Validation as a Service that enables organizations to demonstrate their compliance with these regulations.
With this service, Carillon wants to enable companies to focus on using digital credentials they or their business partners already own, as opposed to trying to decipher the complexities of a specific policy and trying to determine the validity of the credential.
MorphoTrak appoints marketing, government relations director
MorphoTrak announced that Teresa Wu has joined the company as director of Strategic Marketing and Government Relations. Wu will be responsible for developing and managing the company’s strategic marketing efforts.
In addition, Wu is tasked with managing the company’s government affairs outreach. In this role, she will be the principal company liaison with policy stakeholders from federal, state and local government agencies, with a mandate to ensure that U.S. government stakeholders are aware of MorphoTrak and its innovative products and solutions.
A recognized subject matter expert in biometrics, marketing, and biometrics-related policy matters, Wu comes to MorphoTrak from a Fortune 500 company where she served as Global Software Solutions Marketing Director.
Cardag partner with LEGIC
LEGIC announced that Cardag Deutschland GmbH would be a partner to its ID Network. Cardag has specialized in the development, production and sale of adaptable chip cards and works with the entire LEGIC transponder range.
Cardag designs, produces and sells contactless and contact-based chip cards and special designs. The proprietary material compositions fulfill a range of customer requirements as well as specific prints and peripheral equipment. Their advanced investment policy enables the development and production of new leading technical products. In 2014, LEGIC granted the card-in-card license to emulate the LEGIC functionality on processor chips.