Digital certificates are a common basis for establishing trust between communicating entities - on the Internet as well as within private networks. They are increasingly important for securing IoT applications employing wireless sensor networks and smart connected devices, with each endpoint representing a new attack surface. That growing attack surface is critical to consider when designing your security architecture.
Managing an organization’s certificates with an in-house Public Key Infrastructure (PKI) is usually a time consuming and expensive endeavor. Certicom makes it easy, offering a secure and reliable hosted PKI platform which can manage certificates on behalf of an organization or an entire ecosystem. The service minimizes the up-front expense and lowers the ongoing cost of managing certificates while helping customers secure their devices and get their products to market quickly.
You Can Afford the Best
Companies designing constrained devices often skimp on security due to perceived cost and complexity – with Elliptic Curve Cryptography (ECC) there is no need to skimp. Certicom can provide efficient yet powerful ECC-based security at an affordable price, offering both traditional X.509 certificates and size-optimized ECQV certificates to meet your security requirements. There is no reasonable excuse for companies securing their companies with legacy password and symmetric keying schemes when robust, enterprise class security is so readily available. Legacy RSA support is also available.
Certicom is an applied cryptography specialist with significant experience in the implementation of high scale device PKIs. Certicom’s Managed PKI Service and security consultants enable customers to focus on their core business.
The Managed PKI Service is a solution deployed in a secure BlackBerry infrastructure. All sensitive material is protected using Hardware Security Modules (HSMs). The infrastructure is fully redundant to ensure uninterrupted service, with automated data backup and disaster recovery facilities.
Certificates can be issued individually or in bulk. In the former case, the process can be fully automatic with a trusted vetting system verifying all certificate requests:
A variety of vetting schemes, including fully custom vetting solutions are possible. In conventional CA parlance the vetting scheme is managed by a Registration Authority (RA). Certicom allows customers to manage vetting on premise, as a hosted service, or securely managed in device manufacturing line using the Certicom Asset Management System.
For bulk issuance, batches of certificate requests can be uploaded to the CA via the GUI. The issued certificates can then be downloaded and injected into devices.