key bridge ukm
The single platform solution for all keys and data

KeyBRIDGE Universal Key Management (UKM)

Securely manage and store all keys and sensitive data in one single, centralized location

key-bridge-appliance
  • Manages and stores all keys and sensitive data of a company or group
  • Provides a single solution with integrated HSM
  • Includes built-in support for 3rd party HSMs
  • Certified for Payment and General-Purpose Keys
Key Benefits

Key Benefits

Icon

Central solution

Manage and store all keys and sensitive data in one single, central location.

Icon

Built-in HSM

Logical and physical security provided by the integrated HSM as the root of trust.

Details

Details

Securely manage and store all keys and sensitive data in a single, centralized location

KeyBRIDGE UKM is a standalone platform solution that stores all keys and sensitive data for an entire organization. This ensures that the organization has complete control of the key inventory and is not dependent on the availability of a database, service vendor or employee. Its simple key management functionality spans the full key lifecycle from generation through to escrow and termination.
The central user interface provides complete visibility of the entirekey inventory at any time.

KeyBRIDGE UKM secures all keys and maintains support for the generation, import, and distribution of any key type.

All keys within KeyBRIDGE UKM are protected under a 256 Bit AES System Master Key, which can be used immediately, distributed as a cryptogram or broken down into component parts or shares.

KeyBRIDGE UKM adds additional value by allowing integration of further Utimaco HSMs as well as third party HSMs like Atalla, Thales and SafeNet, enabling the user to perform key management functions using a single, easy-to-use interface with both local console or RESTful API access.

Detailed Key Inventory

  • Tracks generation, import, export, termination details and optional key expiration dates

Full life-cycle key management

  • Tracks all instances of imported and exported keys
  • Maintains key history even if a key has been terminated and removed from the system

Certified for Payment and General-Purpose use cases

  • FIPS 140-2 certified
  • PCI-HSM certified

High physical and logical security

  • Provides intrusion-resistant and tamper-evident hardware
  • Enables role-based access control (RBAC) enforced with dual control and split knowledge

Best-in class entropy and high-quality keys

  • NIST SP 800-90B
  • AIS 31DRG.4 compliant hash based DRNG
  • AIS31 PTG.2 compliant TRNG

Third party HSM integration

  • Enables integration of CryptoServer, Atalla, Thales and SafeNet HSMs

Supporting various algorithms and mechanisms

  • RSA, DSA, ECDSA with NIST and Brainpool curves
  • DH, ECDH with NIST and Brainpool curves
  • AES, Triple-DES, DES
  • MAC, CMAC, HMAC
  • SHA-1, SHA2-Family, SHA3

Easy integration and use

  • Through UI & RESTful API interface
  • Central interface

KeyBRIDGE POI

 

TokenBRIDGE

 

SecurityServer

Our general-purpose HSM that ensures the security of cryptographic key material for servers and applications.

References

References

Verifone

Verifone

Contact us

We look forward to answering your questions.

Our Partners

Look for the best implementation or distribution partner for your project.

Get in touch with us

Talk to one of our specialists and find out how Utimaco can help you today.