Stateless Key Management
Secure, adaptable and extensible enterprise key management
Unlike legacy key management solutions that require complex replication and scaling architectures, Voltage Security® provides Stateless Key Management that enables on-demand key generation and re-generation without an ever-growing key store. The result is a system that can be infinitely scaled across distributed physical and logical locations with no additional overhead.
Voltage Stateless Key Management:
Eliminates operational complexities, guarantees keys cannot be lost
Voltage Stateless Key Management is vital for global organizations; with highly available, distributed architecture it provides keys automatically with no key storage or database management issues such as key roll-over, back-up, recovery and audit.
Extends IT investment in existing Identity Management infrastructure
Stateless Key Management can be linked to existing Identity Management infrastructure including roles and groups. Permission to decrypt or de-tokenize can be assigned on an application or user basis, and can be managed through external LDAP directories, taking advantage of LDAP groups to simplify user management. The result is role based access to data at a data field level, mapping directly to enterprise data access rules and policies.
|Other systems: Stateful||Voltage: Stateless|
|Constant backups required||One-time backup|
|Key replication required among servers||No replication required – all servers can derive the same keys|
|Lost key can result in lost data||Keys can never be lost|
Key Features and Capabilities:
- Supports both public- and symmetric-key management, including keys for IBE, FPE, AES, and 3DES encryption.
- Provides PCI-compliant automated key generation, rotation, and revocation.
- Integrates with any existing authentication or identity management system, including Active Directory, LDAP, and Single Sign-On systems.
- Offers enterprise-wide visibility through centralized administration, auditing, and reporting.
- Eliminates need for complex key databases, certificate directories, and revocation lists.