Identity Authority Manager 1.0 Release Notes

PrimeKey is pleased to announce the release of the Identity Authority Manager (IdAM) version 1.0.0.

The Identity Authority Manager (IdAM) from PrimeKey is an industrial-grade Registration Authority Hardware Appliance that integrates into the production environment and enables secure issuance of device identities/certificates. The integrated workflow engine allows designing and processing individual device certificate issuing workflows to fit into the production workflow. For more information, see the IdAM Introduction.

Highlights

Integrated Trust Anchor

IdAM supports an integrated software-based Trust Anchor for storing cryptographic information, such as keys or certificates, and providing cryptographic operations. For more information, see Architecture.

CA Management

The integrated CA Management allows configuring a Certificate Authority (CA) Service utilized for issuing device certificates. The CA Management also provides access to CA parameters during process modeling. For more information, see CA Management.

Lightweight CMP Support

The IdAM supports the IETF (Internet Engineering Task Force) Lightweight CMP Profile, which specifies a subset of the Certificate Management Protocol (CMP) and Certificate Request Message Format (CRMF), focusing on typical use cases relevant for managing certificates of devices in industrial IoT scenarios.

The following message types are supported: 

  • IR CertReqMessage, Initialization Request
  • IP CertRepMessage, Initialization Response

For more information, refer to the IETF draft Lightweight CMP Profile.

Centralized Logging

Due to the need for strict network separation, the IdAM architecture is based on several separate virtual machines. Logging, however, is centralized: it consolidates the log information and lets you retrieve the system status information from all entities.