OpenTrust PKI

OpenTrust Public Key Infrastructure (PKI)

THE KEY TO ELECTRONIC TRUST FOR THE MANAGEMENT OF DIGITAL IDENTITIES OF USERS, DEVICES AND APPLICATIONS

Key Benefits

  • Complete life cycle management of digital identities for all entities, users, devices and applications
  • A market-proven solution with low Total Cost of Ownership
  • Rapid connectors to other IT system components
  • An open, modular and highly scalable solution
  • Full local or centralized certificate and key life cycle management
  • Supports multiple CAs for singular or multiple applications
  • Complete credential management for Public Key certificates in IT systems
  • Modular light architecture for public-key operations (PKO)

Main Outline

The pace of technological development is accompanied by increasingly sophisticated cyber criminals who threaten the IT infrastructures of enterprises worldwide. This has led to the need for more advanced security solutions to combat such high level risks.
OpenTrust PKI is an open, modular and highly scalable solution designed to address this need. This innovative and market-proven solution is one of OpenTrust’s core products for building a trusted ecosystem.
OpenTrust PKI creates, issues and manages the digital identities of users or devices within a Public Key Infrastructure. It oversees the complete credential management for Public Key certificates in IT infrastructures, encompassing any kind of smart card or token that embeds an X.509 certificate and a key pair.
The modular architecture of OpenTrust PKI allows support for singular or multiple applications, management of certificates and keys locally or centrally, and can be implemented within a centralized or decentralized architecture.
OpenTrust PKI is seamlessly integrated into the existing corporate IT infrastructure and databases through its simplicity by design concept. It manages the entire life cycle of the digital identities of all entities, users, devices or applications within the IT systems hence acting as the key enabler of a trusted ecosystem.

 Solution Advantages  Life Cycle of Digital Certificates  Main Technical Characteristics
  • Modular, open and highly scalable
  • Complete management of the life cycle of certificates and certification authorities
  • Standards-compliant
  • SOAP connectors to facilitate integration into information systems
  • Multiple certification authorities
  • Mono or multi-machines
  • Centralized registration authorities and enrolment entities
  • Decentralized, centralized, synchronous, SCEP modes
  • Configurable workflow to conform with security policies
  • Native integration with Microsoft: Active Directory, multi-domain, multi-forest, Vista
  • PRISv2 compliant
  • Multi-directory and multi-OS support
  • Support for CRLv2 and OCSP
  • Man-Machine Web interface
 Solution Advantages
  • Modular, open and highly scalable
  • Complete management of the life cycle of certificates and certification authorities
  • Standards-compliant
  • SOAP connectors to facilitate integration into information systems
  Life Cycle of Digital Certificates
  • Multiple certification authorities
  • Mono or multi-machines
  • Centralized registration authorities and enrolment entities
  • Decentralized, centralized, synchronous, SCEP modes
  • Configurable workflow to conform with security policies
 Main Technical Characteristics
  • Native integration with Microsoft: Active Directory, multi-domain, multi-forest, Vista
  • PRISv2 compliant
  • Multi-directory and multi-OS support
  • Support for CRLv2 and OCSP
  • Man-Machine Web interface
 Components  Technical Details  

The OpenTrust PKI is composed of the following  server application components:

  • OpenTrust PKI CA
  • OpenTrust PKI RA
  • OpenTrust PKI EE
  • OpenTrust PKI Logs

These components can be hosted on the same server or on multiple host servers.

  • Life Cycle of Digital Certificates
  • Offline/Online Certification Authority
  • Multiple Certification Authorities management
  • Escrow and Recovery of encryption keys
  • Secure Workflow Manager
  • Enrolment Entity
  • Multiple Publication of certificates and CRLs
  • Mono or multi-machines
  • Centralized registration authorities and enrolment entities
  • Main Technical Characteristics
  • Multi-directory and multi-OS support
  • Support for CRLv2 and OCSP
  • SCEP, CMC and SOAP connectors
  • Decentralized, centralized, synchronous, SCEP modes

Technical Details Diagram

 Components

 The OpenTrust PKI is composed of the following server application components:

  • OpenTrust PKI CA
  • OpenTrust PKI RA
  • OpenTrust PKI EE
  • OpenTrust PKI Logs

 These components can be hosted on the same server or on multiple host servers.

 Technical Details
  • Life Cycle of Digital Certificates
  • Offline/Online Certification Authority
  • Multiple Certification Authorities management
  • Escrow and Recovery of encryption keys
  • Secure Workflow Manager
  • Enrolment Entity
  • Multiple Publication of certificates and CRLs
  • Mono or multi-machines
  • Centralized registration authorities and enrolment entities
  • Main Technical Characteristics
  • Multi-directory and multi-OS support
  • Support for CRLv2 and OCSP
  • SCEP, CMC and SOAP connectors
  • Decentralized, centralized, synchronous, SCEP modes

Our References

OpenTrust’s security solutions have already been adopted by the top 500 corporations worldwide.

Administration/ Government Banking and Insurance Industry and Services
CEA, La Poste, INSERM, SwissArmy, French Ministry of Finance & Agriculture, Cetrel in Luxembourg… First Gulf Bank, LCL, GMF Assurances, Bred, CNCE, Banksys, National Bank Of Belgium, SPF-Finance, AGF, SMAM, Gan… Etihad, Total, Renault, Nissan, Alstom, Sanofi Aventis, Pixid, Michelin, Areva, Technip, Faurecia, Thalès, Mobistar…