Shalott is a PKI management system that enables the central administration of certificates and keys, as well as the management of various Certification Authorities. It consists of a workflow engine with a web interface and a management console for the PKI operators.
The PKI management system cryptovision Shalott is the central entity for the management of certificates and keys. It consists of the following modules:
PKI Workflow System
The PKI Workflow System enables the design and implementation of all relevant workflows within a PKI as well as the integration of external data sources. A convenient workflow designer lets operators define the respective PKI business processes (workflows) by drag and drop in a graphical BPMN editor.
Typical PKI processes are supplied as examples. If required, the process models can be adapted or modified. This makes it possible to control both the process flow and the way certificates and certificate requests are checked. The company's own certificate policy or other compliance guidelines can thus be mapped to a workflow, including the corresponding release scenarios (e.g. 4-eyes principle).
PKI Management Console
The PKI Management Console provides PKI operators with an overview of all relevant information (users and groups – certificates – tokens) and tasks for transparent and comprehensive certificate management, as well as an overview of all connected internal and external CAs.
A typical task of a PKI operator is checking certificate requests where the underlying certificate policy requires approval; requests that pass the check are forwarded to the CA.
This console can be used as a Registration Authority: it forwards the certificate requests to the connected PKI systems and accepts the certificates from these PKI systems. In addition, the PKI Management Console can check certificate requests addressed to the connected PKI systems against the certificate policies of those systems and sign them after a successful check. The PKI systems are connected via the CMP interface by default.
The cryptovision Shalott PKI Management System is modular and can connect to different entities (from other vendors) via connectors:
- PKI Connector: Connection to third-party Certification Authorities (D-Trust) for management of external certificates (request, revocation, issuance, CRL) via the CMP interface.
- LDAP Connector: Connection to Active Directory.