Certificate Issuance and Management System (PARSTRUST)

Application:

Management of all electronic certificate life cycle processes such as issuing, renewing, suspending or canceling


Certified ByTrust

Product Introduction:

The PARSTRUST product is designed to set up and establish the necessary infrastructure for issuing and using electronic certificates and digital signatures in electronic systems such as administrative automation, payment systems and electronic government services. The purpose of this system is to provide the necessary tools and processes for issuing and managing electronic certificates.

With the help of this system, it is possible to issue an electronic certificate for all kinds of applications, cancel or suspend a specific user’s certificate, or extend it if it reaches its expiration date.

The possibility of inquiring about the status of the user’s certificate from the software and inserting a time stamp on an electronic transaction is one of the other capabilities that ParsTrust offers. In short, the management of all the life cycle processes of electronic certificates becomes possible with the help of ParsTrust. This product consists of 7 components CA, RA, IdP, OCSP, VA, TSA, and PKIR.

Technical Specifications:

Functional features:

*Support for public key certificates and v1 X509 v3

*Support for CRL v2

*Support for PKCS #1, #5, #7, #8, #9, #10, #11, #12

*Compliance with IETF PKIX certificate management standards

Support for determining certificate management policies through dynamic profiles

including:

*The ability to determine the format for the content of each of the subject fields of the certificate

*The ability to define different extensions to include in the certificate

*Ability to issue several different certificates with one profile

*Ability to not make the policies related to the certificate be retrospective and ex post facto

* Ability to define key profile including key length, key generation algorithm, key lifetime, key storage medium

* Automatic and semi-automatic management of certificates

* The ability to determine the allowable range of the certificate renewal request (Renew Margin)

*Ability to issue, revoke, suspend and unsuspend all types of certificates

*Ability to extend and renew the key of all types of issued certificates

*Supporting the determining of the operation time on the certificate for the future

*Supporting key management functions including production, storing, revocation and suspension

*The ability to manage requests (registering, reviewing and editing, canceling and

deleting all types of certificate requests)

*Ability to archive, search and retrieve applications and certificates

*Ability to view the working process of requests

*Ability to display the life cycle of the certificate

*Verification of two-factor authentication of system users

*The ability to define and manage different roles for each component based on the

services offered by the components

*Multi-level defining and managing of organizations up to 5 levels

*The ability to define and manage users for each component with the ability to assign

roles and organizations

*Access control of multi-level users in the form of Role-Based and Record-Level

*Supports HelpDesk

*Supports PKCS#11 standard interfaces, communication with all kinds of hardware and software encryption modules

*Ability to work with all types of encryption modules such as JKS, IAIK, Luna, PTK, SUN

*Compatibility with ParsKey token

*The ability to support the determination of the CRL time frame

*Ability to update and periodically publish CRL compatible with RFC5280

*Supports issuing certificates and CRL mechanisms in the PKIR repository compatible

with RFC2253 LDAP protocol

*The possibility of addressing and differentiating the certificate based on the

distinguished name (DN) compatible with RFC2396

*Ability to simultaneously update several OCSP, RA, PKIR 28- Supporting RSA, ECC, DSA algorithms

*Supporting the function of producing a time stamp compatible with the RFC3161 standard

*Supporting the online and customized validation mechanism through the VA component

*Supporting online certificate status inquiry mechanisms in the OCSP component

compatible with RFC5019

*Audit chronlogy in the form of Block Chain in all components

*Normal chronology with the possibility of saving in various files, databases or

Section: Protection

sending events over the network

Operational features of ParsTrust product:

*Has a Licensing mechanism

*Ability to manage and guide certificate authority (CA) and registration authority (RA)

*The ability to support multiple CAs in the RA component

*The ability to support multiple CAs in the OCSP component 5- Has a user-friendly web portal for each component

*Ability to increase OCSP components separately

*Ability to increase the number of registration offices

*It has high scalability with the ability to use different components of the product in a centralized and distributed manner according to the need.

*No limit on the number of levels of the trust hierarchy

*Compatibility and ability to run on different software and hardware platforms

*HA capability with Load Balancing and FailOver management

*Monitoring ability

*Having a backup and information recovery plan

*Speed in the operation of issuing certificates and generating keys

*Ease and speed in deployment and installation

*Support for two-way SSL/TLS communication between components

*Support for SSL/TLS connection with the database

*Support for SSL/TLS communication with the certificate storage repository and CRL

(PKIR component)

*Product development features of Parstrust:

*Presenting the structure of ParsTrust product components in the form of As Services with a three-layer architecture

*Using the Java programming language to implement servers, which leads to the execution of the product on any operating system.

*Using Java and PHP programming languages to implement web user interfaces

*Has intelligible documentation and diagrams for each of the components based on UML 2.0

*Database-independent design and ability to work with Oracle, MySQL, PostgreSQL, DB2, Microsoft SQL Server databases

*Using Scrum methodology (with internal localization) for product development

Company

Type

This product is information security software.

Service Type and Platform

, ,

Product or Service Category

SKU: 14103 Category: 
Product Categories
My Cart
Categories