Applications |
|
|
- OASIS Security Assertion Markup Language (SAML)
- Web Services Security (WSS)
- Electronic Data Interchange (EDI) security
- Electronic Application Integration (EAI) security
- Service Oriented Architecture (SOA) security
- Visa 3-D Secure
- Verified by Visa
- MasterCard SecureCode
- JCB International J/Secure
- American Express SafeKey
- Health Level Seven (HL7)
- RosettaNet
|
Security |
|
|
- W3C compliant enveloping, enveloped and detached XML signature generation and verification
- W3C compliant XML encryption and decryption
- PKCS#1 signature generation and verification
- PKCS#5 password-based encryption and decryption
- PKCS#7 signature generation and verification
- S/MIME encryption/decryption and signature generation
- PKCS#5 encryption/decryption
- Adobe Portable Document Format (PDF) signature generation and verification, encryption and decryption
- NIST FIPS-197 AES encryption and decryption
- Japan NTT/Mitsubishi Electric Camellia encryption and decryption
- Korean Data Encryption Standard (SEED) and ARIA block ciphers
- Chinese National SCB2(SM1), SSF33, SSF28 encryption and decryption
- NIST FIPS-46-3 3DES encryption and decryption
- DES, RC4, RC2, CAST5 encryption and decryption
- 512, 1024 and 2048 bit public key cryptography
- RSA and DSA public key cryptography
- SHA-1, MD5 and Chinese National SCH(SM3) hash generation
|
Key Management |
|
|
- Multiple certificate authority (CA) support
- Hardware true random (optional) or software pseudo-random key generation, inquiry and deletion
- Built-in certificate request and revocation check (CRL/OCSP)
- X.509 and PKCS#12 DER and PEM Key Import and Export
- Key Usage Profiling
- RDBMS and Generic LDAP Support and Integration
- Industry Standard PKCS#11
- NIST FIPS-140-1 level 2 cryptographic module support (optional)
- Automatic Certificate Retrieval via HTTP or LDAP
- Certificate Validity Check
- Certificate Revocation Check via HTTP or LDAP
- Certificate Revocation List (CRL)
- Certificate Revocation List Distribution Point (CRLDP)
- Online Certificate Status Protocal (OCSP)
- CRL scheduled download, caching and automatic retry
- OCSP scheduled request, caching and automatic retry
|
Hardware Security Module Support |
|
|
- AEP Networks Keyper
- Oracle Sun Crypto Accelerator
- Sophos Utimaco SafeGuard CryptoServer
- Thales nShield
- HP Atalla
- IBM 4758 Cryptographic CoProcessor
- IBM eServer Cryptographic Accelerator
- IBM Crypto Express2
- IBM CP Assist for Cryptographic Function
- Cavium NITROX XL
- Other PKCS#11 compliant hardware security modules
|
XML Features |
|
|
- Encryption
- Decryption
- Enveloping, enveloped and detached XML signature generation and verification
- Transforms
- Canonicalization
- Web Services
- SOAP
- XML-RPC
- XSLT/XML processing
- XML schema validation
- XPath
|
Non-XML Features |
|
|
- PKCS#1 cryptography and digital signature
- PKCS#7 cryptography and digital signature
- Adobe PDF digital signature
|
Standard Support and Certification |
|
|
- OASIS Key Management Interoperability Protocol (KMIP) support
- NIST FIPS 140-2 compliant Bloombase Cryptographic Module
|
Management |
|
|
- Web based menu driven
- SSL protection
- No learning curve
- Central administration and configuration
- User security
|
Accessibility |
|
|
- Web services
- Plain socket
- HTTP
- Java HTTP tunneling
- Java Remote Method Invocation (RMI)
- Native language support: C, C++, Java
|
Portability, Scalability and Extensibility |
|
|
- Pluggable framework
- Configurable business logic and workflow
- User programmable
|
High Availability and Clustering |
|
|
- Stateless active-standby failover
- Stateful active-standby failover
- Stateless active-active round-robin load-balancing
- Stateful active-active round-robin load-balancing
|
Network Management |
|
|
- SNMP (v1, v2c, v3)
- syslog, log rotation and auto-archive
- Heartbeat and keep-alive
|
Platform Support |
|
|
- Bloombase OS
- Solaris
- HP-UX
- OpenVMS
- IBM AIX
- z/OS
- AS400
- Linux
- Microsoft Windows
- Mac OS X
- VMware (vSphere, ESXi, Server), Oracle VM, Sun VirtualBox, Citrix XenServer, Microsoft Virtual Server
|
Hardware Support |
|
|
- i386-base architecture
- AMD 32 and 64 architecture
- Intel Itanium-2 architecture
- IBM Power6 architecture
- PA-RISC architecture
- UltraSPARC architecture
|
