Our Approach to PKI

PKI Technology is based on Keys - Private and Public key pairs. We discuss PKI technology in full detail somewhere else in this website. At this point it suffices to know that we get the keys from either Thales or Gemalto HSM. As a corporate policy we always store the master encryption keys back in the HSM. For dedicated deployments we use PCIe HSMs cards but for large orgnizations or high key demand scenarios the "Bill of Materials" will specify LAN HSMs instead. These are general purpose HSMs as opposed to payment HSMs.

The most secure data security solutions must combine software and hardware. The hardware is necessary and needed to make it harder for the intruder to break or replace the security built-in. Hardware adds another level of difficulty, a major difficulty for the intruder to surmount. The main idea behind most security schemes is to make it hard enough that the intruder for whatever reason sees futility in his or her effort at breaking the system so he or she gives up.

The Trust Token®

The Trust Token® is a smartcard chip technology embedded with a secure element. The interface is USB for versatility without compromising security of smartcard technology. The Token features Hardware- Secured Key Management and Storage.

Cryptographic Algorithm supported include: DES, 3DES, AES128/192/256, SHA-1, SHA-256, SHA-384, SHA-512 and MD5. The Token is well suited to the most demanding smartcard based authentication.

Support with Windows Environment

When used in the Microsoft Windows environment the Trust Token interfaces seamlessly with Microsoft Windows Plug and Play driverless environment operating simply as a smart card. There is no driver required, no additional software required in the Windows environment if the Windows smart card if the Windows built-in smartcard interface is sufficient for a particular application. The USB interface incorporate CCID drivers to protect the USB connection and are therefore less susceptible to packet sniffing.

Deployment in a Microsoft Windows environment requires an Active Directory environment with Active Directory Certificate Services installed. Our personnel will certify your environment or install these components as part of the deployment.

Specification for the Trust Token®

  • FIPS 140 - 2 Level 3 and EAL4+ compliant.
  • 32 bit High Performance Smartcard Processor - competitive processing power to ensure speedy key pair generation, encryption/decryption, key signing, and document signature validation.
  • 128K User Memory, 2MB Flash Memory- ample enough for storing certificates, keys and other sensitive data. 128K user memory is good enough.
  • All credentials stored inside the Trust Token are encrypted and cannot be exported.
  • Like in other smart cards encryption/ decryption processes take place on board the token within the secure element.
  • OS supported include: Windows, Linux and IOS.
  • Cryptographic support include PKCS#11 v2.2.
  • Microsoft CrytoAPI and CNG.
  • ISO7816 Standard.
  • Cryptographic Functions: Microsoft Smartcard Mini Driver.
  • X509 v3 Certificate Storage.
  • SSL v3, IPsec/IKE, PC/SC, CCID.
  • We provide C and Java APIs for integration to your business application.

Use Case

Once installed you can the Trust Token can then be used corporate-wide to sign-in and access secure networks, sign emails, sign Microsoft Office documents, Authenticate VPN access and to Sign Adobe format (pdf) documents.

The deployment is typically driven by your Corporate Security Policy Document.

The Trust Issue, Certificates and the Future

There are registered organizations who are recognized and currently issue certificates for identification on the web. They are recognized by all the browsers and the manufacturers of operating systems. These companies make a lot of money identifying entities on the Internet but the business of certificates and identifying of entities on the Internet is still in its infancy.

A business organization will in future typically deploy and manage a large number of certificates. It would not be economical to order every certificate from a Public Certificate Authority (CA). Your organization will have to self-issue some certificates.

Order your pack of Trust Tokens today. There is a minimum order of fifty units. These are ready to use plug and play in a Microsoft Windows server environment. Call Us for Pricing.

Head Office

Data & Scientific Inc.

160 Sheppard Ave. West

North York, Ontario M2N 1M8

Canada.

General Inquiries: +1 416-360-0133

Sales: +1 888-830-5299

Technical Support: +1 416-360-0133

Fax : +1 416-360-0501

E-mail : info@datasci.net

International Offices

USA

Buffalo, New York

Nigeria

Area 11, Abuja