PKI – Trustgate

Application for Digital Certificate

MPKI provides certificate lifecycle management system with an advanced web-based configuration wizards, administration and support tools, report generators and application integration modules to give an enterprise full control over its CA & to provide the critical link to MSC Trustgate as a Certification Authority. The MPKI service capabilities provide end-user registration, revocation and certification renewal with screens customized to an organization’s specific look & feel for each application.

The effectiveness and security of any PKI system depends critically on how users manage their private keys stored in the media storage (token) associated to it. The concerns to be considered are security, portability, functionality, usability, manageability & cost. For flexibility, the organization can opt to store digital certificates in soft token, USB crypto tokens or roaming with soft certificate.

Among the Components of Managed PKI are:

Local Hosting (Digital ID Center) - enables company to host end-user lifecycle page (enrollment & revocation) on their Web server
Automated Administration Toolkit - automates the registration authoring functions, allowing transparent authentication & revocation of users or devices directly from pre-existing administrative systems or databases
Onsite Control Center (RA admin web portal) - interface where an administrator performs in managing MPKI service including report generation

Key differential advantages

Convenient online delivery and management of digital certificates.

End-user enrollment for digital certificate and certificate issuance is done via Web-based service. Both end-user and administrator services are browser-based and accessed via the Web.

Easy to use and manage with Web-based user and administrator services.

All the certificates can be applied for, registered, and enrolled online with the web browsers in a secure manner.

Complete control over digital certificate issuance, usage, certificate content, renewal, revocation and lifecycle management.

This is unlike the public CA deployment model whereby customers will have to rely on the public CA entirely and comply with the policies of the public CA. The public CA model also does not provide for control over service levels to end users and is difficult to scale in large user population.

Scalability

Some of our local customers have previously used PKI solution provided by another PKI system provider. They have decided to switch to Trustgate because of our proven ability to scale and provide reliable PKI systems for critical financial transactions.