x

English
Deutsch

Solutions
Products
Services
Blog
About
Contact

Stories and Papers

Stories
Use Cases
Solution Briefs
Whitepapers

Stories

HARDWARE IS THE KEY TO INFORMATION SECURITY

Networks have evolved to carry information with varying degrees of sensitivity, and they need to be protected on several levels. On the technical level, purely software-based solutions are not enough. Trusted hardware components are equally essential.

HOW TO TRANSFORM A VPN INTO A FULLY PROTECTED NETWORK

VPN and fiber optic networks are not per se inherently secure. Hence, a company sharing its business between two or more office locations has to allocate extra resources to protect its IT network. For this security measure and the protection of sensitive company data, two complementary devices are required: Layer-2 encryptors and hardware security modules.

SECURITY IN PAYMENT TRANSACTIONS THANKS TO HSM FROM SECUROSYS

The previous system for payment transactions in Switzerland, SIC 3, will be deactivated: As of July 2017, the successor version SIC4 will go into operation. This is secured with the Primus HSM S500 from Securosys. It will process transactions in the amount of up to 480 billion Francs per day. What were the requirements for the system, which factors contributed to its success, and how does Securosys now stand?

QUANTUM COMPUTERS - A THREAT FOR PKI?

What are the prerequisites for a secure PKI today? Will quantum computers make PKIs obsolete in the future? Could blockchain provide a solution? The speakers attended such questions at a SIGS event. Another question also discussed was when quantum computers would be ready for production at all.

Use Cases

NETWORK ENCRYPTORS: ESSENTIAL FOR THE PROTECTION OF SENSITIVE CUSTOMER DATA

FLYNT bank uses network encryptors and a cluster of Securosys Primus HSMs for its IT security. The company hence has to protect highly sensitive customer information. In his keynote speech, Stefan Thiel specified the security requirements for FLYNT’s IT security architecture and how he had proceeded in the evaluation of the network encryptor.

Solution Briefs

Security Microsoft PKI deployment based on Microsoft active directory certificate services (AD CS)

The Microsoft (MS) Server package already contains a PKI. With that PKI a Certificate Authority (CA) can be established. The trust of the entire system and validity of each issued certificate depends upon the protection of the CA key issuing the identities.Therefore, Microsoft best practices recommend storing private keys on a HSM.

Remote Administration of Primus HSM and user partitions with DECANUS Terminal

Decanus allows easy and cost-effective management of your HSMs without compromising security. The Remote Control Terminal allows you to manage up to 64 Primus HSMs in different locations worldwide - or it can manage only one partition on the Primus HSM without the need to turn on or trust the HSM administration.

Take control of your CloudsHSM partition

Customers who opt for Primus HSM as a service do not need to trust Securosys to handle their security. Instead, they can control their partition access and security settings without any interference – even from Securosys administrator.

Whitepapers

Safeguarding of Crypto Assets

We take a look at different technologies and methods available for custodial platform, ranging from open-source cold-storage standards using on-chain multi-signature schemes, through Secure Multi-Party Computation to Hardware Security Modules by both legacy manufacturers and Securosys.

We also explore advantages and shortcomings of Hardware Security Modules, how they must evolve to keep up with the paradigm change introduced by cryptocurrencies to help us understand how to lead that change.

Securing Oracle with Primus HSM

Protecting an Oracle environment requires a Securosys Primus HSM together with a supporting library implementing the standard interfaces such as Microsoft Cryptographic Service Provider (MS CNG), Java JCE and PKCS#11. Data are encrypted and decrypted using Transparent Data Encryption (TDE). The installation and benefits of this solution are described by Marcel Suter of our partner firm libC Technologies SA in a solution brief.

HOW TO ATTACK A PROVENLY SECURE ALGORITHM AND HARDEN IT THEREAFTER

Why do encryption algorithms, even if recognized as highly secure by the cryptographic community, show unexpected weaknesses? How does information need to be encrypted and corresponding algorithms modified, assuming that attackers are able to exploit side channels using high-precision measurement tools? A research team from Securosys and the University of Applied Science (HSR) in Rapperswil, Switzerland, worked on exactly these topics in a project supported by the Federal Commission for Technology and Innovation (CTI).

PROBABLY THE MOST EFFICIENT ARCHITECTURE FOR ECC-BASED AUTHENTICATION

The digital signature is an effective method to protect information from modifications by fraudsters. However, the more sophisticated the attacks of cybercriminals get, the more complex authentication algorithms have to be decommissioned. This additional complexity increases execution time and requires additional computing resources.

Solutions
Products
Services
Blog
About
Contact

Language

English
Deutsch

Address

Förrlibuckstr. 70
8005 Zürich
Switzerland

Phone

+41 44 552 31 00

Fax

+41 44 552 31 99

Follow us on social media

Copyright © 2019 Securosys SA. All rights reserved.

Sitemap
Privacy Policy
Terms and Conditions