Constructive Key Management

Title Version Description Size Hits Date added Download
TSWL029 - Persistent Protection of Objects with Object Oriented Key Mngt Persistent protection with encryption of data itself is a logical next step for firewall network enhancement. Encryption can be viewed in various means and has surfaced as an essential element for protecting information exchanges, for policy enforcement, and for differentiated attribute accesses.In general, protecting data may be found in traditional secure network tunneling with a Public Key Infrastructure providing the key management support. A movement to persistent protection encryption would entail creating self-protecting data objects. The financial services, in the form of an ANSI x9 standard, has published x9.73 which sites a dynamic key management schema called Constructive Key Management® CKM®. 385.14 kb 198 16-05-2017 Download Preview
PM_33_015_CKM_Encryption_Enforcement_4_Info_Sharing An overarching security framework design will facilitate a secure Information Sharing Environ-ment, in a collaborative environment, with mobile remote access or fixed access, based on policy driven requirements. Cryptography can be both an enforcement mechanism as well as a differential access mechanism to enterprise data 998.76 kb 163 30-06-2017 Download Preview
NIST_SP_.800_162_ABAC Guide to Attribute Based Access Control (ABAC) Definition and Considerations - NIST special publication 800-162 998.76 kb 168 30-06-2017 Download Preview
SR_15_001_Persistent_Tagging The management of information flow can be achieved through tagging techniques and tagging protocols. Over time, tagging has taken on different means such as labeling, asserting and credentialing. The intent is to define information flow and control. Different approaches have surfaced to address labeling such as identity tags in communications routing and access distribution. More recently, shifts in computer protocols such as from HTML to XML have expanded the possibilities of using tags 146.23 kb 162 30-06-2017 Download Preview
TSWL001_About_CKM Constructive Key Management® (CKM) provides Cryptographically Enforced Management of keys, objects, and access. CKM's Object Level Access Control (OLAC) techniques allow users to control anything that can be named, from a character, page, image or sound in a document to a field in a database. In addition, CKM's Role Based Access Control (RBAC) techniques cryptographically enforce who should be able to see which piece of data or information. The approach of differentially encrypting data based on the need-to-know principle allows secure communication among groups of individuals with a variety of roles. Those individuals who have a legitimate need to view information have access to it, while others don’t.TecSec's Constructive Key Management® (CKM) technology is a standards-based and patented cryptographic key management technology that uniquely resolves critical information security and information management complicated by today's vastly networked world. The need to identify authorized users, protect and control sensitive information assets, and restrict access to information in compliance with privacy statutes and regulations has never been greater. 188.83 kb 162 30-06-2017 Download Preview
TSWL002_Brief Description of CKM Processes The TecSec Constructive Key Management® (CKM®) product that incorporates a smart card is a software and hardware combination designed to cryptographically protect data from unauthorized access and use. It is a physical realization of Role Based Access Control concepts. When encrypting data, the user can selectively designate the read privileges (Roles) needed to read this data from amongst the ‘Write’ privileges that he possesses. The data is then accessible only by those authorized individuals who hold the correct ‘Read’ privileges; resulting in a one-to-many secure data distribution system. By being able to independently administer ‘Read’ and ‘Write’ access privileges, the abilities to create, modify and read data are treated as selectable privileges. Thoughtful use of Key Management processes in the construction of the keying material enables these security characteristics.The heart of the system is the CKM® Combiner 227.64 kb 154 30-06-2017 Download Preview
tswl003_ckm_framework (2) Constructive Key Management® or CKM is embodied in numerous standards (X9.69. X9.73, X9.84, X9.96) published by the American National Standards Institute (ANSI) and is being incorporated into ISO 22895 which includes reference to the cited ANSI standards. These standards are also incorporated herein by reference 167.25 kb 150 30-06-2017 Download Preview
tswl004_technologies_juxtaposed Explanation of how PKI and CKM can work together. These technologies are complementary in application and CKM® products are designed accordingly. CKM® is interoperable with all of the leading PKI vendors (see attached overview) and has incorporated PKI functionality into its CKM® Desktop product. 476.30 kb 162 30-06-2017 Download Preview
TSWL005_Info Security and Cryptograpy Confidentiality or secrecy is the prevention of the disclosure of information. This can be enforced with cryptography. A small amount of data – the cryptographic keying material – is distributed secretly so that a larger amount of data – the ciphertext – can be sent over non-secure networks (data in transit) or stored on publicly accessible areas (data at rest). Forward secrecy is not being able to compromise future communications even if current communications are compromised. Backward secrecy is not being able to compromise previous communications even if current communications are compromised 220.71 kb 156 30-06-2017 Download Preview
tswl009_how_ckm_enhances_pki 3 page chart showing flexibility of CKM and comparison between PKI and CKM ; benefits of using CKM to enhance PKI 437.68 kb 159 30-06-2017 Download Preview
TSWL010_CKM_Enabling_PKI_RSA_Conference Power point presentation of CKM enabling PKI 1.88 mb 172 30-06-2017 Download Preview
TSWL023_CKM_Smart Token_Overview Detailed document on smart tokens. Credentials may be associated with an application that defines one or more member identity elements such as a biometric function, a Smart Token™ identity, or a PIN/Password. CKM is used to bind the identity elements to an encrypted object through an encryption process. The Identification and Authentication (I&A) object may consist of private keying functions that can authenticate the member to the network and other members, and other functions that may need to be stored secretly that are included in a Member Profile. 1.07 mb 164 30-06-2017 Download Preview
TSWL028 - Role-Based Access to Content Constructive Key ManagementA slideshow depicting Role Based Access to Information by Content Enforced by Cryptography. 2.34 mb 225 16-05-2017 Download Preview
TSWL027 - Information Sharing TecSec™s CKM® - “ Enabling Secure Information Sharing & Collaboration. Role Based Access Control to information and protects that information while in transit and at rest – regardless of transport and storage mechanism – enabling a collaborative threat warning processCollecting, analyzing and disseminating terrorism intelligence, sharing that information securely and collaborating with a large number of agencies is not a simple task. TecSec™s CKM® can help with the tasks of secure Information Sharing and Collaboration.CKM®, short for Constructive Key Management®, is a technology and methodology that enables secure information sharing and collaboration. CKM provides a framework for secure information sharing across agency lines. It provides Role Based Access Control to information and protects that information while in transit and at rest regardless of transport and storage mechanism enabling a collaborative threat warning process. 653.76 kb 217 16-05-2017 Download Preview
TecSec's ANSI X9F Presentation: CKM Enabling DRM Slideshow depicting CKM® enabling DRM prepared for ANSI March 2002. 1.90 mb 220 16-05-2017 Download Preview

Banking and Finance

Title Version Description Size Hits Date added Download
TSWL039 - X9 Financial Security Framework Single slide detailing the security layers of Financial Services and the applicable ANSI X9 and ISO Standards. 308.03 kb 208 16-05-2017 Download Preview
pm_15_026_fin2_idsec_160513 (1) Identity Management IDSEC.Attribute Listing for Financial Services Components. Material associated with Financial Services - Secure Packet Based CKM, blockchain and Distributed Ledger 2016 2.03 mb 192 03-07-2017 Download Preview
Financial_Sol_Temp_Slick (1) Marketing slick on Financial Solutions overview 398.49 kb 165 26-06-2017 Download Preview


Title Version Description Size Hits Date added Download
TSWL020_CBO_Report_on_Health_Costs 2008 Congressional Budget Office report on Health Care: Capturing the Opportunity in the Nation's Core Fiscal Challenge - Based on Data from CMS and CDC 295.29 kb 174 03-07-2017 Download Preview
TSWL019_Facts_Healthcare_Costs U.S. health care spending is expected to increase at similar levels for the next decade reaching $4 TRILLION in 2015, or 20 percent of GDP2TecSec paper 164.33 kb 144 03-07-2017 Download Preview
TSWL018_HIPAA_GLBA_CKM The Health Insurance Portability & Accountability Act, the Gramm-Leach-Bliley Act, & CKM® The purpose of this memorandum is to summarize selected elements of the Health Insurance Portability and Accountability Act (HIPAA) and Gramm-Leach-Bliley Act (GLBA) as they relate to TecSec’s Constructive Key Management® (CKM®) technology. It is intended to be a brief overview of the salient parts of these complex laws where TecSec can assist its clients with compliance. 241.77 kb 138 03-07-2017 Download Preview
tswl017_securing_electronic_info_in_healthcare_org TecSec® CKM® - A Simple Solution to Enterprise Management of Access Control to InformationELECTRONIC DATA IN HEALTHCARE—STREAMLINED PROCESSES AND IMPROVED QUALITY OF SERVICESThe use of electronic mechanisms to store and transmit information is quickly becoming the standard across healthcare organizations. Paper records and forms are being replaced by electronic forms and applications, which use intranets (internal to organizations), extranets (between organizations) and the Internet (multiple organizations) as the mechanisms to transmit information. 518.95 kb 170 03-07-2017 Download Preview
PM_33_016_Protecting_PII Nearly every business acquires, uses, and stores personally identifiable information (PII) about its employees, customers, and business partners. Organizations are expected to manage this private data appropriately and take every precaution to protect it from unauthorized access or theft. Misusing, losing or compromising this information can carry a significant financial cost, damage a business’s reputation and in some cases result in criminal prosecution. 443.88 kb 145 03-07-2017 Download Preview

Standards and Certifications

Title Version Description Size Hits Date added Download
X9.96_XCMS_July_28_2003 NIST Document: This Standard specifies a text based Cryptographic Message Syntax (CMS) represented using XML 1.0 encodingthat can be used to protect financial transactions and other documents from unauthorized disclosure andmodification. The message syntax has the following characteristics: ...Support for biometric security, enhanced certificate techniques such as compact domain certificates and keymanagement extensions such as Constructive Key Management (CKM) are provided. 639.36 kb 156 05-07-2017 Download Preview
TSWL025_Cert_687_FIPS140_2 NIST Certific 687 to TecSec for FIPS 140-2 Certification 373.22 kb 173 05-07-2017 Download Preview
std_18_003_certificate_list NIST document listing certs and explanation 328.49 kb 167 05-07-2017 Download Preview
Corporate Overview r Brief overview of some standards for technology including smart card 103.94 kb 126 05-07-2017 Download Preview
Cert_List 137.07 kb 168 05-07-2017 Download Preview


Title Version Description Size Hits Date added Download
TSWL008_CISCO_CKM Application Oriented Network (AON) CISCO Systems and CKM 431.12 kb 149 03-07-2017 Download Preview
The Connected Car Today's cars are so complex electronically that they're perhaps best thought of as mobile computer networks. The cars of tomorrow, which are already starting to appear today, will be increasingly connected to the Internet, to each other, and to roadside wireless infrastructure. 379.61 kb 164 16-05-2017 Download Preview
pm_15_019_cbc_mktg_slick (1) 440.02 kb 126 03-07-2017 Download Preview
PM_15_017_Identity Management IDSEC 2016 Globalization of businesses and the increasing integration of information technologies arecompounded to make diversity of identity management a potential obstacle to the continuingdevelopment of the enterprise’s objectives. To address this, there is a requirement for anintegrated approach to identity management to automate, accelerate, and simplify identitycreation and maintenance. In a broad context, identity management can be referenced as IdentitySecurity or IDSEC for abbreviation 476.38 kb 130 03-07-2017 Download Preview
PM_15_017_Identity Establishment of Identity can be a difficult process. Identity is what makes something or someone the same today as it, she, or he was yesterday. Importantly, identity can refer to a thing (e.g., a computer) as well as a person. Identity is, normally, a global event (i.e. Don is always Don). Things and people can have different identities when working with different systems, or can have more than one identity when working with a single system, perhaps when working in different roles. 476.38 kb 145 03-07-2017 Download Preview
openveil_temp_slick (1) (1) OpenVEIL® is the Open Source connector to KeyVEIL® that allows applications to be written that are CKM Enabled® through the use of the KeyVEIL® key management sys-tem. OpenVEIL® also includes cryptographic algorithms and protocols that can be used to provide bulk data encryption services to applications 192.84 kb 158 03-07-2017 Download Preview
control_sys_temp_slick-2 (1) one page slick of SCADA Security system 378.97 kb 147 03-07-2017 Download Preview

Digital Rights Management

Title Version Description Size Hits Date added Download
Digital Rights Management and CKM® Digital Rights Management (DRM) can be a difficult undertaking. The average lifespan of certain DRM technologies can be measured in days. Some DRM technologies are hacked even before they become standards. Others are hacked after wide deployment in the industry.Along with the advent of Digital Rights Management and the electronic distribution of digitized media comes the need for strong and reliable digital security. In fact, one of the MPAA's (Motion Picture Association of America™s) objectives for Digital Cinema (dCinema) is highly secure, end-to-end, conditional access content protection including digital rights management and content watermarking protection. 356.29 kb 179 16-05-2017 Download Preview
TSWL011_Navy_Success_DRM_with_CKM TecSec’s object management greatly expands the functionality of encryption throughenforcement of information rights management. CKM provides a range of solutions,safeguards information, and selectively shares data within or outside of an organization.TECSEC’S reduced role for the server and heightened functionality at the workstationhas brought a paradigm shift that provides role based access, at the object level, toanything digital that can be named, be it physical, logical, or functional 571.21 kb 141 03-07-2017 Download Preview
tswl021_ckm_enabled_drm_ansi DRM License & Rights Packaging–Binding Content, Rights, User–Protection Method, Mobility–Key Sharing, Escrow, Distribution–Key Mis-use, Tamper Resistant 1.90 mb 143 03-07-2017 Download Preview
tswl022_drm_ckm 356.29 kb 141 16-05-2017 Download Preview

CKM Enhancements to PKI

Title Version Description Size Hits Date added Download
tswl009_how_ckm_enhances_pki (2) Document showing how CKM can enhance PKI 437.68 kb 162 05-07-2017 Download Preview


Title Version Description Size Hits Date added Download
TSWL026_Common_Access_Card_Controls Inspector General of DoD 2008 Report. The life cycle of the contractor Common AccessCard (CAC) consists of approval, issuance,reverification, revocation, and recovery. DoDofficials use the Contractor Verification System(CVS) to approve contractor CACs, and theReal-time Automated Personnel IdentificationSystem (RAPIDS) to issue CACs. 11.43 mb 148 16-05-2017 Download Preview
TSWL015_Nat'l_Strategy_Secure_Cyberspace 1.00 mb 151 03-07-2017 Download Preview
SR_15_002_Military_Encryption A new direction for implementing encryption within the tactical multinational environment can be added to the existing security techniques. By combining Department of Defense (DoD) Information Systems Security Organization (ISSO) and the Department of Commerce oversight of two existing programs, the concern over loss of encryption devices in a tactical situation can be addressed while maintaining a balance between security techniques and the exploitation of these techniques against the US. These two existing programs are concerned with Levels of Robustness and Export Approvals for security products and technologies. 273.60 kb 147 03-07-2017 Download Preview

Department of Homeland Sucurity

Title Version Description Size Hits Download
TSWL014 - Top 10 Challenges for DHS Sept 08

Homeland Security Advisory Council

September 11, 2008A report from the Homeland Security Advisory Council on the top ten strategic challenges that will face the incoming Secretary of Homeland Defense.
438.22 kb 184 Download Preview
TSWL013_Homeland Security_Presentation power point on DHS and TecSec solutions including identity tokens and permissions; access control and sharing of data 1.17 mb 161 Download Preview
TSWL012_Homeland_Security TecSec®, Incorporated has positioned itself as a central part of the solution set for the cross-agency sharing of information consistent with the charter of the Department of Homeland Security. date 2002 508.15 kb 136 Download Preview

Product Slicks

Title Version Description Size Hits Date added Download
VEIL Office Slick 1.0 Product Slick for VEIL Office 441.27 kb 191 16-05-2017 Download Preview
Financial_Sol_Temp_Slick (1) Financial Solution Brief Overview 398.49 kb 157 26-06-2017 Download Preview
Control_Sys_Temp_Slick Marketing slick for SCADA Security 378.97 kb 167 26-06-2017 Download Preview
VEIL Mobile Slick Product Slick for VEIL Mobile 294.48 kb 196 16-05-2017 Download Preview
VEIL EB Slick Enterprise Builder is responsible for managing VEIL® users, the attributes that are available to the system and the mapping of those attributes to the VEIL® users. It also creates and maintains the CTS, Soft Token and Smart Card tokens. 470.35 kb 199 16-05-2017 Download Preview
VEIL Desktop Slick Slick for VEIL Desktop 420.16 kb 201 16-05-2017 Download Preview
VEIL Cloud Slick Product Slick for VEIL Cloud. 529.38 kb 194 16-05-2017 Download Preview