Key Management Service with Primus HSM
As a centralized key management system, the Key Management Service (eKMS) provides the standard on-board cryptographic key life cycle management: symmetric and asymmetric hardware based key generation backed up with high quality RNG, key renewal, hardware-to-hardware key exchange, key revocation, genuine HSM key storage, replication, backup and restore.
- Production of symmetric or asymmetric keys on Primus supporting order management (industrial lots), Primus HSM to device secure key injection and key storage.
- Dissemination of produced key material to remote Primus HSMs using hardware-to-hardware built-in object synchronization.
- Tracking of produced keys and associated devices using customer defined object attributes such as device Id, serial number or production lots.
- Activation of individual key/device pair indicating produced, associated or revoked status codes.
- Permanent access to obsolete key material for retired/deactivated devices secured on offline Primus HSMs.