Advanced security
Security is a major issue for a timestamp server: you cannot afford to get any timestamp token with inaccurate time because of a security breach.
To obtain a high security level, Eternity offers its own network connection management and uses the tamper-protected architecture of a Hardware Security Module.
Integrated connection management
Eternity is a stand-alone product that allows you to manage network connections from the administration GUI.
Not only does it make configuration easy but it also provides an end-to-end security from the calling application to Eternity, and it means that every change to incoming connection parameters can be traced from the event journal.
Eternity does not rely on the security or on the audit of any third party.
Benefits from the use of HSM
The use of HSM brings you with the utmost security level for your timestamp server:
- The signature keys are securely stored in a tamper-protected architecture.
- The internal clock of a HSM can only be changed by a group of administrators authenticated thanks to a set of smartcards.
Even in the case of a major attack of the server, the signature keys and the time source remain protected within a secure perimeter.
Signature key life cycle management
If you are already familiar with the handling of cryptographic material, you will know that full control on the life cycle of signing keys is especially important, and even sometimes mandated to fulfill legal requirements associated with timestamp services.
Eternity allows you to manage the whole life cycle of your signature keys from the administration GUI, following these different states: key generated, certificate signing created, key operational, key deactived, and key deleted.
If your key management policy makes you use the tools from your Hardware Security Module vendor, Eternity is perfectly suited to handle externally managed keys.