Use cases
Customisable and component-oriented, Tegona Key Management System (TKMS) can be delivered in many ways; either within a new PKI project (new document issuance for instance) or in the context of a Public Key Infrastructure renewal. TKMS can also be provided with only the necessary software components to be integrated into an existing infrastructure.
1 Full TKMS
In this scenario, Tegona would supply and integrate a complete end-to-end infrastructure dedicated to the signature and inspection of secure documents, i.e. Root Certification Authorities (CSCA/CVCA), Document Signer & Verifier (DS/DV) and Personalisation & Inspection Systems (PS/IS). DS/DV & PS/IS would be provided for every personalisation centers. Every component would be delivered as physical appliances with HSMs embedded.
2 CSCA/CVCA only
In this context, Tegona would provide and integrate Root Certificate Authorities only, for the renewal/replacement of a country ICAO PKI for instance (as these components can only exist once in each country). CSCA & CVCA software would be supplied with servers and HSMs (with redundant infrastructure if requested). Continuity of the certificate chain is guaranted by signed linked certificates.
3 Production Suite
In this last example, Tegona would only deliver and integrate necessary PKI components involved in the production & quality assurance, as part of a new project or passport / ID card renewal. In this case, the supplied system would be integrated through an API to the country existing Root Certificate Authorities. DS/DV & PS/IS are provided in all personalisation centers, with servers and HSMs, or virtualised. The suite is fully integrated to personalisation & inspection equipments.