A critical component to securing any system are keys and certificates. They can be used to sign software and configuration settings so they can be verified to originate from a trusted source and they can be used to encrypt data in transit and at rest to protect it from being compromised.
The CCX Technologies SystemX Operating System includes a complete Certificate Manager that can be used as part of Public Key Infrastructure (PKI) System.
Key Management
All CCX Technologies hardware systems include an integrated HSM (Hardware Security Module) which can be used to generate and securely store Cryptographic Keys. The keys can be used as root private keys, or intermediate keys in a PKI system.
Certificates can be created from the public portion of a managed key, other certificates can be signed using industry standard CSRs (Certificate Signing Requests) either from other SystemX systems, or third-party applications.
CRLs (Certificate Revocation Lists) can be generated and published using an integrated HTTP server using a user friendly GUI.
Certificate Management
Certificates can be uploaded to the system and public keys extracted. Uploaded certificates can be verified against root certificates and CRLs.
Public keys from certificates can be used to verify signatures, and encrypt data to be sent to the certificate owner.
Certificate Proxy
Most equipment on aerospace and defence networks lack any form of external connectivity which makes it difficult to rotate certificates and to verify certificates against CRLs and root certificates.
A CCX Technologies Certificate Manager with external connectivity, either through direct connectivity options, or a maintenance laptop, can be configured to verify and update certificates and then forward valid certificates to equipment on a network with no connectivity.