Advanced security
Security is a major issue for a mass signing server. To obtain a high security level, Unicity MSS offers its own network connection management and uses the RBAC standard to authorize signers.
Integrated connection management
Unicity MSS is a stand-alone product that allows you to manage network connections and SSL/TLS configuration, from the administration GUI.
Not only does it make configuration easy but it also provides an end-to-end security from the calling application to Unicity MSS, and it means that every change to incoming connection parameters can be traced from the event journal.
Offering its own Web services, Web server and its authentication layer, Unicity MSS does not rely on the security or on the audit of any third party.
Role-Based Access Control (RBAC)
Unicity MSS builds on the INCITS 359-2004 standard to provide secure and fined grained access control to your corporate signers.
Every operation in Unicity MSS is tied to a unitary permission and these permissions can be grouped into roles to fit the security model of your organization.
In order to integrate smoothly with your infrastructure connection policies, you can automatically grant or deny some roles based on the entry connection point.
Signature key life cycle management
If you are already familiar with the handling of cryptographic material, you will know that full control on the life cycle of signing keys is especially important, and even sometimes mandated to fulfill legal requirements associated with the production of electronic signatures.
Unicity MSS allows you to manage the whole life cycle of your signature and TLS/SSL keys from the administration GUI.
If your key management policy makes you use the tools from your Hardware Security Module vendor, Unicity MSS is perfectly suited to handle externally managed keys.