R

Cryptso�’s Audit, Analy�cs and Compliance Integra�on Module forKMIP Server lets you rapidly add Audi�ng, Analy�cs or Compliancefeatures to your KMIP solu�on. Designed as a component forCryptso�’s KMIP Server SDKs this allows configurable data collec�onfeatures for all KMIP compliant key opera�ons allowing your enterpriseto Audit, Analyze, or ensure the Compliance of your key managementsolu�on.

Cryptso�’s Audit, Analy�cs and Compliance Module for KMIP Serverallows all opera�ons from KMIP Servers and Clients that perform keyopera�ons on the KMIP server to be recorded and subsequently beinterrogated by the Audit, Analy�cs or Compliance func�ons in real-�me or processed in batch mode to inform opera�ons staff of theperformance characteris�cs of the solu�on.

KMIP Clients or Servers that request key opera�ons from a KMIP Serverwith the Audit, Analy�cs and Compliance Integra�on Module opera�ngdo not require special features to enable these enhanced capabili�esallowing vendor-independent Audit, Analy�cs or Compliancemanagement without replacing exis�ng end points.

AUDIT, ANALYTICS & COMPLIANCEIntegration Module for KMIP Server

KEY FEATURES• Full OASIS KMIP compliance

versions: 1.0, 1.1, 1.2, 1.3, 1.4, 2.0*• Guaranteed interoperability with all

released KMIP server products

• Comprehensive example code▫ Custom examples available forrapid integra�on

• Supported on over 35 differentpla�orms including Linux, Windowsand a range of embedded pla�orms▫ Custom platform ports on request

AUDITThe Audit op�on allows for the systema�c and independentexamina�on of records of key opera�ons in an organiza�on to ascertainto what degree the opera�onal reports present a true and fair view ofthe security of key opera�ons.

ANALYTICSThe Analy�cs op�on allows for the discovery and communica�on ofmeaningful pa�erns within the audited key opera�ons. This op�on isavailable in real-�me on the KMIP Server Administra�on Interface ormay be extracted as a scheduled or ad-hoc data extract for analysisusing client tools.

COMPLIANCECompliance allows your system to monitor KMIP opera�ons in a KMIPserver to determine whether the key opera�ons undertaken in theenterprise meets stated company policy, allowing you to raise alertswhen a threshold of non-compliant opera�ons is performed or actedupon by the server.

R

KEY BENEFITSAUDIT, ANALYTICS & COMPLIANCEThe Audit, Analy�cs and Compliance Integra�on Module is a fullyintegrated module that when ac�vated allows your applica�on tocapture and store detailed informa�on about all KMIP opera�onsperformed by the KMIP Server. As the server responds to all clientrequests these are also logged without requiring any changes to theapplica�on and is totally transparent in opera�on to clients.

The amount of data logged is configurable and can be limited to aspecific set of opera�ons so that your applica�on can perform theanalysis required to manage the requirements of a busy enterpriseapplica�on secure in the knowledge that the key management systemcan provide the data required to support your opera�ons.

• Low risk• Easy to use• Transparent to KMIP client

applica�ons• Fully instrumented in Server SDK• Gain access to internal KMIP

Server measurements

Year1

Year2

Year3

Year4

Year5

SALES@CRYPTSOFT.COM WWW.CRYPTSOFT.COM+61 7 3103 0321 | US +1 650 918 4362

@CRYPTSOFTCRYPTSOFT-SECURITY-SPECIALISTS@CRYPTSOFT

Copyright © 2018 Cryptsoft Pty Ltd. All rights reserved. All trademarks, service marks, trade names, product names and logos are property of their respective owners.

2018-05

Sample Server Performance

Sample Key Operations

Data from the KMIP Server can be extracted using Cryptso� suppliedrou�nes or based on a standard schema directly from the underlyingdatabase. This data can also be loaded into your preferred sta�s�csmanagement package if preferred.

• Ac�vate• Add A�ribute• Archive• Cancel• Cer�fy• Check• Create• Create Key Pair• Create Split Key• Decrypt• Delete A�ribute• Derive Key• Destroy• Discover Versions• Encrypt

• Export1.4• Get• Get Attribute List• Get A�ributes• Get Usage Alloca�on• Hash• Import1.4• Join Split Key• Locate• Log2.0• MAC• MAC Verify• Modify A�ribute• No�fy• Obtain Lease

• Poll• Put• Query• Re-cer�fy• Recover• Register• Re-key• Re-key Key Pair• Revoke• RNG Retrieve• RNG Seed• Sign• Signature Verify• Validate

Supported KMIP Operations

Supported Encodings• TTLV• HTTPS/TTLV

• HTTPS/JSON• HTTPS/XML

Supported Databases• HSQLDB• SQLite3• MySQL 5.x• Oracle 11.x, 12.x

• SQL Server 2003+• IBM DB2 9 & 10• PostgreSQL 8 & 9