Sandhiguna Key Management System "SG-KMS"
- Flexible and user friendly software-based key management system with hardware-based root of trust and protection.
- Run on a wide range of Intel based servers with enabled Intel® Software Guard Extensions (Intel SGX).
- Designed to support high-performance real time applications.
- Implement state-of-the-art international standard cryptographic algorithms.
- Separation of concerns between Cryptographic Services, Key Management Service and Audit Log Service, either logically or physically.
- Business applications get cryptographic services by using SDK or REST API.
Sandhiguna Key Management System
Software-Based Key Management System with Hardware-Based Root of Trust
- Sandhiguna builds a Key Management System (SG-KMS) to manage cryptographic keys throughout their life cycles and to protect the keys from breaches due to improper key management.
- We deploy state-of-the-arts cryptographic tools that run on Hardware-based Secure Enclave technology (Intel® Software Guard Extensions) to provide both key management system and cryptographic services at the enterprise level.
- SG-KMS is built locally by an all-Indonesian team of experts to meet stringent international standards (Common Criteria for Information Technology Security Evaluation – expected by end of March 2023).
- SG-KMS continues to be developed to include, by Q2 of 2023, quantum-secure cryptographic services, to protect against adversaries capable of implementing large-scale quantum attack algorithms
Application-Level Data Protection
SG-KMS Provides Highest Data Protection at Application Level
Highest Data Protection
• Application Level
• Protect against Database Administrator and Database Users
Advanced Data Protection
• Database Level
• Protect against administrator abuse and
containers theft
Basic Data Protection
• Server and Storage Storage Level
• Protect against loss or theft of physical
media
Use Cases
How SG-KMS Helps Your Business …
KEY MANAGEMENT
Provide management of keys and
cryptographic services across
multiple environments
APPLICATION DATA ENCRYPTION
Provide key management and
encryption solution to keep data secure
at the application level
TOKENIZATION
Substitutes token for sensitive data
to achieve privacy compliance and protect
against data breaches
SECRET MANAGEMENT
Manages secrets natively on-premises and
on-cloud by providing extensive REST APIs and friendly SDK
END TO END PROTECTION
Ensures end-to-end protection for
sensitive information, especially for
authentication purposes
DIGITAL SIGNING
Ensures the security of the private keys associated with certificates across
multiple environments
BRING YOUR OWN KEY
Generate and store keys and perform encryption in customer’s data center with a single point of management & auditability
MULTI CLOUD PROVIDER
Secures sensitive data in public, private, hybrid or multi cloud environments
RANSOMWARE PROTECTION
Encrypts backup data to avoid data loss,
ensure availability and avoid regulatory penalties