Sandhiguna Key Management System "SG-KMS"
- Flexible and user friendly software-based key management system with hardware-based root of trust and protection.
- Run on a wide range of Intel based servers with enabled Intel® Software Guard Extensions (Intel SGX).
- Designed to support high-performance real time applications.
- Implement state-of-the-art international standard cryptographic algorithms.
- Separation of concerns between Cryptographic Services, Key Management Service and Audit Log Service, either logically or physically.
- Business applications get cryptographic services by using SDK or REST API.
![](https://sandhiguna.com/wp-content/uploads/2023/01/Sandhiguna-Center.png)
![](https://sandhiguna.com/wp-content/uploads/2022/10/kmc-img.png)
Sandhiguna Key Management System
Software-Based Key Management System with Hardware-Based Root of Trust
- Sandhiguna builds a Key Management System (SG-KMS) to manage cryptographic keys throughout their life cycles and to protect the keys from breaches due to improper key management.
- We deploy state-of-the-arts cryptographic tools that run on Hardware-based Secure Enclave technology (Intel® Software Guard Extensions) to provide both key management system and cryptographic services at the enterprise level.
- SG-KMS is built locally by an all-Indonesian team of experts to meet stringent international standards (Common Criteria for Information Technology Security Evaluation – expected by end of March 2023).
- SG-KMS continues to be developed to include, by Q2 of 2023, quantum-secure cryptographic services, to protect against adversaries capable of implementing large-scale quantum attack algorithms
Application-Level Data Protection
SG-KMS Provides Highest Data Protection at Application Level
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-1.png)
Highest Data Protection
• Application Level
• Protect against Database Administrator and Database Users
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-2.png)
Advanced Data Protection
• Database Level
• Protect against administrator abuse and
containers theft
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-3.png)
Basic Data Protection
• Server and Storage Storage Level
• Protect against loss or theft of physical
media
![](https://sandhiguna.com/wp-content/uploads/2023/01/SG-KMS-1.png)
Use Cases
How SG-KMS Helps Your Business …
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-key.png)
KEY MANAGEMENT
Provide management of keys and
cryptographic services across
multiple environments
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-padlock.png)
APPLICATION DATA ENCRYPTION
Provide key management and
encryption solution to keep data secure
at the application level
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-tokenization.png)
TOKENIZATION
Substitutes token for sensitive data
to achieve privacy compliance and protect
against data breaches
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-secret.png)
SECRET MANAGEMENT
Manages secrets natively on-premises and
on-cloud by providing extensive REST APIs and friendly SDK
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-secure.png)
END TO END PROTECTION
Ensures end-to-end protection for
sensitive information, especially for
authentication purposes
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-certificate-management.png)
DIGITAL SIGNING
Ensures the security of the private keys associated with certificates across
multiple environments
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-bring-key.png)
BRING YOUR OWN KEY
Generate and store keys and perform encryption in customer’s data center with a single point of management & auditability
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-multi-cloud.png)
MULTI CLOUD PROVIDER
Secures sensitive data in public, private, hybrid or multi cloud environments
![](https://sandhiguna.com/wp-content/uploads/2022/10/icon-ransomware.png)
RANSOMWARE PROTECTION
Encrypts backup data to avoid data loss,
ensure availability and avoid regulatory penalties