The MTG Key Management System (MTG IoT KMS) was specially developed for manufacturers of IoT devices, making the management of a large number of individual cryptographic keys in production and at the customer's site considerably easier.
As a centralized security system with an open interface according to the international OASIS KMIP standard, the MTG KMS enables all specific IoT applications to be connected quickly and easily.
Complete key management life cycle
The entire key management lifecycle is already supported in the MTG KMS and can be utilized via the standardized KMIP interface.
Control & Compliance
The platform supports multiple independent clients. MTG's dedicated role and rights management ensures the correct distribution of access rights of clients to the respective keys.
The KMIP interface enables the smooth and easy integration of existing applications. KMIP specifies all management operations for objects (e.g. digital certificates, private keys) that are stored and managed by a key management system. The KMIP standard includes operations for symmetric and asymmetric cryptographic keys, digital certificates and templates that simplify the creation of objects and control of their use.
KMIP Client Library
A specific and adaptable MTG-exclusive KMIP library is available to facilitate the integration of applications.
REST Interface & Adapters
In case the KMIP protocol does not offer the necessary functionality (e.g. bulk jobs, legacy applications …), a REST interface can be used to support a variety of clients and applications. Customized adapters or adapters to other widely adopted industry interfaces, like PKCS#11 or JCA/JCE, further ease the integration of applications.
Vendor independent HSM
MTG IoT KMS supports Hardware Security Modules (HSMs) from different vendors for the secure storage and generation of high-quality encryption keys.
A Public Key Infrastructure (PKI) can be easily integrated with the MTG KMS. In addition, a specific IoT PKI is available at MTG.
Consulting & Support
In cooperation with our customers, MTG develops a detailed specification that takes into account the project's individual requirements. Affected departments (e.g. the production team) are fully involved and interfaces are coordinated.
Versatile and flexible use
Key injection of IoT devices during production
The creation and injection of one or more specific keys during production is an important process for greater device safety. This ensures the confidentiality, integrity and authentication of millions of individual keys of produced IoT devices.
For a manufacturer, customer-specific production of the key material is essential and can be controlled with the MTG IoT KMS.
Separate key management of production processes
MTG IoT KMS allows individual roles and access rights to be set up for the different production lines or products, each with its keys handled separately.
IoT device operation
For secure device management, various client applications are able to continuously access the key material managed centrally in the MTG IoT KMS throughout the entire device lifecycle:
- Onboarding: device storage, registration, workforce management
- Operation: data processing & control of devices
- Monitoring & Maintenance: device updates, status, configuration
The MTG IoT KMS can support different manufacturers and products in the management of the devices in operation.
Task specific key material
On both the production and the operation side, keys are marked according to their function or task (administration, testing, updating, workforce management ...) so that they can be used only by the authorized applications and users.
Replacement of the key material in the device
MTG IoT KMS allows key material in the devices to be exchanged, for example before the validity of keys expires or when algorithms are broken.
Secure electronic shipment files
A secure handover of the key material when sending the physical devices to the customer or between production sites has to be ensured with an electronic shipment file. For the encryption and decryption of an electronic shipment file we offer all necessary "crypto key functionalities".
Indispensable for security conscious companies
Our offer consists of the triple set of essential security elements: Key Management System (KMS), Public Key Infrastructure (PKI) and the appropriate Hardware Security Modules. MTG's holistic consulting approach covers all three product areas. Customized adaptations for easy integration and seamless operation enable our customers to meet the highest security standards within the shortest time.