FKMS - Frankenstein Key Management System
The Frankenstein Limes® Key Management System (FKMS) was developed to provide customers who have no cryptographic infrastructure of their own with a solution that enables them to manage the granting of privileges for keys needed by FLAM in an easy and professional way.
- Professional key-management system for the local storage, controlled exchange, centralized distribution, and archiving of encrypted FLAMFILEs for arbitrarily many entities
- FKMS does not require a cryptographic infrastructure
- Minimal integration costs
- Maximum protection for the data
- Easy-to-use user interface with integrated SQL-database
- Registration of participating entities and their roles
- Mediator: may rekey data but not read them
- End node: may create and process data
- Scheme determines who may send to whom (Having the right to send to myself implies the right to store (archive, backup). Same is true for mediator)
- Definition of key versions with expiration dates
- Generation of entire key materials by pushing a button
- Storage of key materials as backup in the database
- Provision of entities with key materials via an encrypted key file (online) and a passphrase (key letter)
- Logging of all activities and key distribution
- Firm control over usage of keys (mediator may send only to mediators or end nodes confirmed by owner)
Our added value
- Proven security, cryptography, Hardware-Security-Module (HSM), and key management are core competencies of our enterprise.
- Tight control of the usage of a key prevents its misuse by insiders.
IBM developed for us FKMS as a prototype. It must be modified to match the respective customer's needs. Beside the software, its deployment requires an integration project with professional service.