Solutions

Public Key Infrastructure (PKI): KeyOne

KeyOne: Public Key Infrastructure (PKI) The KeyOne family provides a complete range of products for implementing advanced public key infrastructure (PKI) solutions that include digital certificate generation and management, digital certificate validation and electronic time-stamping.

The KeyOne family of products:

Facilitate the integration and adaptation of corporate processes in Service-Oriented Architectures (SOA) SOAP/XML.
Feature a workflow manager that simplifies the adaptation of the registration process to business requirements.
Simplify the control of the public key infrastructure (PKI) through automatic key management.
Guarantee the capacity for system growth with new and advanced services and support different architectures and high-load requirements.
Guarantee interoperability by supporting industry-recognized standards, such as X.509v3 ITU-T, ETSI and IETF PKIX.
Support ICAO and EAC functions for ePassports.
Are designed to meet the security requirements for digital certificate management systems for electronic signatures (CWA 14167-1).
Have Common Criteria certification with EAL4+ level (CC EAL4 +) for KeyOne v3.0.

The KeyOne family comprises the following products:

KeyOne CA: a software application that performs the Certification Authority functions of issuing public key digital certificates using the syntax defined in ITU-T X.509v3. Optional ICAO/EAC electronic passport extensions.
KeyOne VA: an application that performs the role of the Validation Authority, issuing evidence that proves the validity of digital certificates in accordance with IETF's OCSP protocol (Online Certificate Status Protocol).
KeyOne TSA: an application that acts as a Time-Stamp Authority, issuing evidence that proves the existence of data at a certain time in accordance with IETF's TSP protocol (Time-Stamp Protocol).
KeyOne XRA: an application that carries out the Registration Authority functions of registering digital certificate requests, requesting digital certificates from the certification authority, requesting certificate revocations, delivering digital certificates and publishing them in repositories.
KeyOne LXRA: a special type of registration application included in KeyOne XRA for performing face-to-face registration in local systems. As it can control a smartcard printer, customization is supported.
KeyOne Desktop: an office automation application for users to protect files with electronic signatures and long-term data encryption. It can be integrated into other applications through local XML messages.

KeyOne 3.0 has an ISO/IEC 15408 EAL4+ (ALC_FLR.2) assurance level and complies with the CIMC Security Level 3 Protection Profile (Certificate Issuing and Management Component, NIST, 31 October 2001). For more information, go to: http://www.oc.ccn.cni.es/certificacion_en.html.

Product information

Regulatory Compliance
Community Framework for Electronic Signatures

Case Studies
Identification and access control Electronic passport deployment in Spain Towards a new electronic identification of citizens: the DNI-e

News

Safelayer solutions provide the security mechanisms and trust management for identification and authorisation, digital signature and data encryption to the highest security requirements and legal compliance.

Common Criteria (ISO/IEC 15408) with level EAL4+, digital certificates management for electronic signature (CWA 14167-1), community framework for electronic signature (Directive 1999/93/EC), regulations on electronic invoice (e-Invoice).

Our solutions can be deployed as REST and SOAP Web services in a Service Oriented Architecture (SOA) and XML, providing the security standards OASSIS DSS, PKCS#7/CMS, CAdES, S/MIME, PDF digital signature, XML-DSig, XAdES, XML-Enc, WS-Security, digital certificates and time stamping (PKI X.509, OCSP y TSP) and ICAO/EAC electronic passport (ePassport).