FKMS - Frankenstein Key Management System

The Frankenstein Limes® Key Management System (FKMS) was developed to provide customers who have no cryptographic infrastructure of their own with a solution that enables them to manage the granting of privileges for keys needed by FLAM in an easy and professional way.


  • Professional key-management system for the local storage, controlled exchange, centralized distribution, and archiving of encrypted FLAMFILEs for arbitrarily many entities
  • FKMS does not require a cryptographic infrastructure
  • Minimal integration costs
  • Maximum protection for the data


The product

  • Easy-to-use user interface with integrated SQL-database
  • Registration of participating entities and their roles
    • Mediator: may rekey data but not read them
    • End node: may create and process data
  • Scheme determines who may send to whom (Having the right to send to myself implies the right to store (archive, backup). Same is true for mediator)
  • Definition of key versions with expiration dates
  • Generation of entire key materials by pushing a button
  • Storage of key materials as backup in the database
  • Provision of entities with key materials via an encrypted key file (online) and a passphrase (key letter)
  • Logging of all activities and key distribution
  • Firm control over usage of keys (mediator may send only to mediators or end nodes confirmed by owner)

Our added value

  • Proven security, cryptography, Hardware-Security-Module (HSM), and key management are core competencies of our enterprise.
  • Tight control of the usage of a key prevents its misuse by insiders.



IBM developed for us FKMS as a prototype. It must be modified to match the respective customer's needs. Beside the software, its deployment requires an integration project with professional service.