Our Approach to PKI

Data & Scientific sources all PKI keys from Thales or Gelmalto HSM. As a corporate policy we always store the master encryption keys back in the HSM. For dedicated deployments we use PCIe HSMs cards but for large orgnizations or high key demand scenarios the "Bill of Materials" will specify LAN HSMs instead. These are general purpose HSMs as opposed to payment HSMs.

The most secure data security solutions must combine software and hardware. The hardware is necessary and needed to make it harder for the intruder to break or replace the security built-in. Hardware adds another level of difficulty, a major difficulty for the intruder to surmount. The main idea behind most security schemes is to make it hard enough that the intruder for whatever reason sees futility in his or her effort at breaking the system so he or she gives up.

The Trust Token®

The Trust Token® is smartcard chip technology embedded with a secure element. The interface is USB for versatility without compromising the security of smartcard technology. The Token features Hardware- Secured Key Management and Storage.

Cryptographic Algorithms supported include: DES, 3DES, AES128/192/256, SHA-1, SHA-256, SHA-384, SHA-512 and MD5. The Token is well suited for the most demanding smartcard based authentication.

Support with Windows

When used in the Microsoft Windows environment the Trust Token interfaces seamlessly with Microsoft Windows Plug and Play driverless environment operating simply as a smart card. There is no driver required, and no additional software required in the Windows environment if the Windows built-in smartcard interface is sufficient for a particular application. The USB interface incorporates CCID drivers to protect the USB connection and are therefore less susceptible to packet sniffing.

Deployment in a Microsoft Windows environment requires an Active Directory environment with Active Directory Certificate Services installed. Our personnel will certify your environment or install these components as part of the deployment.

Specifications for the Trust Token®

  • FIPS 140 - 2 Level 3 and EAL4+ compliant.
  • 32 bit High Performance Smartcard Processor - competitive processing power to ensure speedy key pair generation, encryption/decryption, key signing, and document signature validation.
  • 128K User Memory, 2MB Flash Memory- ample enough for storing certificates, keys and other sensitive data. 128K user memory is good enough.
  • All credentials stored inside the Trust Token are encrypted and cannot be exported.
  • Like in other smart cards encryption/ decryption processes take place on board the token within the secure element.
  • OS supported include: Windows, Linux and IOS.
  • Cryptographic support include PKCS#11 v2.2.
  • Microsoft CrytoAPI and CNG.
  • ISO7816 Standard.
  • Cryptographic Functions: Microsoft Smartcard Mini Driver.
  • X509 v3 Certificate Storage.
  • SSL v3, IPsec/IKE, PC/SC, CCID.
  • We provide C and Java APIs for integration to your business application.

Trust Token Applications

Once installed the Trust Token can used corporate-wide to sign-in and access secure networks, sign emails, sign Microsoft Office documents, authenticate VPN access and to sign Adobe .pdf documents.

The Future of Trust and Certificates

Presently there are many recognized organizations who issue identification certificates on the web. Recognizable and accepted by all major browsers and operating system manufacturers, these organizations are very lucrative. Today they identify entities on the internet, however the business of identification certificates and the identifying of entities on the internet is still in its infancy.

A business organization will in future typically deploy and manage a large number of certificates. It would not be economical to order every certificate from a Public Certificate Authority (CA). Your organization will have to self-issue some certificates.

Order your pack of Trust Tokens today. There is a minimum order of fifty units. These are ready to use plug and play in a Microsoft Windows server environment. Call Us for Pricing.

Head Office

Data & Scientific Inc.

160 Sheppard Ave. West

North York, Ontario M2N 1M8

Canada.

General Inquiries: +1 416-360-0133

Sales: +1 888-830-5299

Technical Support: +1 416-360-0133

Fax : +1 416-360-0501

E-mail : info@datasci.net

International Offices

USA

Buffalo, New York

Nigeria

Area 11, Abuja