JaCarta Management System (JMS)

The main articles are:

• Electronic signature (EDS)
• Identity and Access Management - Definitions
• Cryptography

JaCarta Management System (JMS) is a management system that supports JaCarta, eToken authentication and electronic signature tools.

2023: JaCarta Management System 4LX for Linux is compatible with Postgres Pro Enterprise DBMS

Aladdin on August 22, 2023 announced the compatibility of the JaCarta Management System 4LX for Linux software complex with the Russian DBMSostgres Pro Enterprise from Postgres Professional.

The JaCarta Management System 4LX for Linux software complex is part of the general ecosystem of Aladdin solutions and in most cases is the infrastructure basis for using other company products, the system manages the entire life cycle of various information protection tools: PKI infrastructure elements, protected media, secure remote work, elements of enhanced authentication.

JaCarta Management System 4LX (hereinafter - JMS 4LX) for Linux was created based on the main challenge for the Russian IT industry - the need for import substitution.

JMS 4LX runs on Linux servers, but as part of a transition period in a heterogeneous network, JMS 4LX interacts with the Microsoft Active Directory service, the Certificate Authority certification center and the SQL Server DBMS, the client part of the solution runs similarly on Windows and Linux machines.

The system includes an enhanced two-factor authentication server JaCarta Authentication Server on the Linux platform to provide a second factor to companies that are not ready to deploy the PKI infrastructure.

Postgres Pro Enterprise allows you to solve complex industrial problems in enterprises with high-load systems, including at critical infrastructure facilities. It is included in the register of domestic software and has an FSTEC certificate.

The data used by JMS and JAS 4LX is reliably protected: the Postgres Pro Enterprise DBMS includes a large number of functions that ensure maximum reliability and security. Among them are incremental backup, built-in failover cluster, flexible password policy management, encryption and data masking, advanced audit of user actions, and much more.

The list of software compatible with the Postgres Pro DBMS has more than 200 products, and we are pleased to replenish it with the solution of JMS 4LX for Linux from Aladdin, a company with one of the best expertise in the data protection industry on the Russian market. Proven compatibility of solutions will allow customers to ensure even higher security and reliability in working with data, "said Ivan Panchenko, Deputy General Director of Postgres Professional.

According to Aladdin experts, the use of JaCarta Management System 4LX for Linux in conjunction with Postgres Pro Enterprise DBMS is recommended in large corporate infrastructures, including using technologies AI and. IoT The JaCarta Management System 4LX is included in the Unified register of Russian programs Ministry of Digital Development Russia and certified according to the 4th level of trust of the FSTEC of the Russian Federation.

2022

JaCarta Management System 3.7.1

On May 30, 2022, Aladdin R.D., a Russian developer and provider of information security solutions, announced the release of JaCarta Management System 3.7.1.

According to the company, JaCarta Management System (JMS) is a certified hardware and software lifecycle management system authentications and. electronic signature JMS is designed to automate token management procedures and authentication software at all stages of their life cycle, including issuing, reissuing and revoking tokens and all related objects (certificates, keys, AMDD tags, etc.). The system includes a powerful server enhanced authentication (2FA) JaCarta Authentication Server (JAS) Enterprise class with support for both hardware OTP and U2F tokens and software SMS OTP/PUSH/authenticators for mobile devices.

JMS is included in the Unified Register of Domestic Software (No. 311) and is certified by the FSTEC of Russia for compliance with level 4 of trust and technical specifications (certificate of compliance No. 4411 dated May 20, 2021).

JMS 3.7.1 implements updated (PUSH) and modernizes the previously used (SMS/OTP-) two-factor authentication methods. It became possible to change the Windows user password through the NPS plugin, the list of generation algorithms for software one-time passwords has been expanded. PUSH authentication using the Aladdin 2FA application is possible without the use of FireBase (Google) and Apple servers .

JMS 3.7.1 presents a fully functional self-service service for users through the Personal Account (POS), the entrance to which is organized by using several authentication methods. Having passed the authentication procedure in the LAN, the user gets the opportunity to independently release and manage OTP, PUSH- and SMS authenticators, as well as safely read the QR code from his personal account to activate OTP and PUSH- authenticators, provided that the Aladdin 2FA mobile application is used.

The possibilities of automation for system operators have been expanded - the service plan "Automatic registration of users and workstations from resource system directories" has been implemented, the ability to automatically register, lock and unlock users and workstations through the service plan has appeared, the possibilities of working with audit logs and authentication events have been expanded, a number of other useful additions have appeared.

From the previous version, JMS 3.7.1 inherited the ability to integrate with various applications and services.

In terms of the implementation of the general import substitution strategy, the system has implemented a migration utility to the JMS 4LX version on the Linux platform, which allows you to make the transition quickly and without problems.

JMS 3.7.1 fixes a significant number of errors, the system is significantly optimized in terms of performance.

JaCarta Management System 4LX для Linux

On March 4, 2022, Aladdin R.D. announced the release of JMS 4LX for Linux, a product of the JaCarta Management System (JMS) line, designed for centralized management of authentication and electronic signature tools, protected media (NPI), as well as in the future any other devices, information security tools.

According to the company, the system of centralized management of information security tools JaCarta Management System 4LX (JMS 4LX) is a company product with an open expandable architecture, which allows you to add support for other IPS (and not just the usual information PKI structure elements) and use a single centralized management system. In particular, JMS 4LX allows you to manage secure information JaCarta SF/GOST media and in the near future support for certified means of ensuring safe remote work is expected. Aladdin LiveOffice The plans also include support for IoT M2M devices.

JMS 4LX supports work not only with certified operating systems of the Linux family (Astra Linux Special Edition, Astra Linux Common Edition, RED OS, Alt 8 SP), but also with common uncertified versions of Linux.

JMS 4LX developed taking into account the optimized migration process both from JMS 3.7.X (Windows) and from Windows infrastructures to Linux:

• server JMS 4LX works with elements of Linux infrastructures (, FreeIPA Samba AD,, PostgreSQL Dogtag, etc.) and Windows (MS AD, MS CA, etc.), in the near future - support for a solution for centralized management and automation ALD Pro of the company's production; Astra Linux
• JMS server is 4LX compatible with "web clients" (regardless of the platform used) and with application clients for Windows that provide interfaces for interaction with users and administrators;
• allows you to interact with almost any existing CC, for example, CryptoPro CC, CC ViPNet, etc.

JMS 4LX has the FSTEC of Russia Certificate No. 4516 dated 25.01.2022 for compliance with the information security requirements established in the document "Information Security Requirements Establishing Levels of Trust in Information Security Tools and Information Technology Security Tools" (FSTEC of Russia, 2020) - according to level 4 of trust and technical specifications.

In addition, JMS 4LX included in the unified register of Russian programs for computers and databases (No. 11260) and is recommended for procurement in state and municipal institutions.

2021

Astra Linux Special Edition Compatibility

The compatibility of OCAstra Linux Special Edition and products of Aladdin RD JaCarta Management System 4LX and Secret Disk Linux has been confirmed. The use of this firmware stack allows you to ensure the protection of confidential data, including those constituting a state secret labeled "top secret." This was announced on December 13, 2021 by Astra Linux. Read more here.

JaCarta Management System version 3.7 is compatible with Jatoba DBMS

On September 13, 2021, Aladdin R.D. and Gazinformservice announced the completion of compatibility tests for their products.

Based on the received tests, a compatibility certificate was issued confirming the correct operation of the JaCarta Management System (JMS) software version 3.7 from Aladdin RD and Jatoba DBMS from Gazinformservice. Jatoba DBMS can be used by JMS to securely create, store, update, and delete data. Both products are included in the Unified Register of Domestic Software.

We are more than satisfied with the test results of our product with Jatoba DBMS - all functions work normally, performance and scalability are simply excellent! We hope that meeting Jatoba DBMS in our projects as often as possible is a good choice for any customer. Vladimir Bychek, chief product officer at JMS&JAS, noted.

The joint use of the JaCarta Management System software complex and the Jatoba DBMS showed good results, which once again confirms the possibility of import substitution ON without losing the speeds critical for large industrial enterprises, "commented the head of the Jatoba DBMS development at Gazinformservice. Denis Rozhkov

2020

JaCarta Management System 3.7

On July 14, 2020, it became known that the company Aladdin R.D.."" announced the release of the next version of the platform for asset lifecycle management authentications electronic signature and enterprise scale JaCarta Management System - 3.7. This version is the latest and most functional in the JMS line on the platform Microsoft Windows and already contains elements that work on - Linux a universal Web client and as DBMS PostgreSQL an alternative to the still supported one. MS SQL

According to product development plans, all subsequent versions of JMS will be developed on a single code base and run on both Windows and Linux.

Among the key features and benefits that have become available in version 3.7:

• a stand-alone 2FA JAS enhanced authentication server is now part of the platform. In this version, OTP and U2F authenticators are managed based on policies in exactly the same way as tokens and certificates are managed;
• own mobile application for iOS and Android;
• proven integration schemes with Microsoft, Citrix, Palo Alto, Check Point, VMware, Fortinet, etc.;
• implementation of a single version of the enterprise scale platform and a platform adapted to work with Certification Centers, including those located in isolated circuits. Accessibility and convenient licensing system for each platform;
• full integration with Crypto Pro DSS - the ability to manage user accounts and virtual tokens Crypto Pro DSS from the JMS management console by the same means as the usual JMS management objects;
• significant increase in performance and improvement in the user interface, correction of minor shortcomings.

We have seriously worked on the release and are pleased with the result. The JMS team tried to provide all the wishes of our respected partners and customers and implement them in JMS. Now we intend to fully focus on the JMS-4LX version, which will be released first on the Linux platform and only then on Windows. Until the release of version JMS-4LX on the Windows platform, all requests for a Windows management system will be closed by JMS version 3.7, - said JMS&JAS Product Director Vladimir Bychek

As of July 2020, JMS version 3.7 is being certified by the FSTEC of Russia for compliance with Confidence Level 4.

Red OS Compatibility

Within the framework of the technological partnership, RED SOFT and Aladdin RD. Tested for compatibility of their products. The developers confirmed the correctness of the JaCarta Management System (JMS) software complex, JaCarta version 1.5 PC and SecurLogon PC, which serve to protect confidential information, including personal data in commercial structures, government bodies and industrial enterprises, with the RED OS operating system (manufactured by RED SOFTWARE). The test results are reflected in a two-sided certificate of compatibility. This was announced on June 17, 2020 by Red Soft. Read more here.

2019

Compatibility with Notary-PRO CT

On October 23, 2019, Aladdin R.D. announced that it had conducted test tests for the compatibility of its products together with Signal-KOM.

During the testing, the correctness of the corporate system of life cycle management of authentication and electronic signature tools "JaCarta Management System" (JMS) developed by Aladdin RD. With the Certification Center (CA) "Notary-PRO" version 2.7 was confirmed. Read more here.

JaCarta Management System 3.5

April 15, 2019. Aladdin R.D. announced the release of the JaCarta Management System 3.5 (hereinafter referred to as JMS) version of the accounting and lifecycle management system of authentication and electronic signature tools.

JMS is a corporate system designed to record and manage the lifecycle of authentication and electronic signature tools (- USB takes and smart cards), as well as certificates, users and workstations. JMS automates typical operations when working with devices from different manufacturers, provides configuration of authentication and display tools, and also makes it possible to centrally manage access to corporate systems. JMS is included in (Unified Register of Domestic Software No. 311) and is recommended to purchases state to and municipal authorities.

The JMS 3.5 version implements a number of improvements, including:

• ensuring work with certificates (without the use of key media);
• Implementation of automatic client updates
• Changing the product licensing system
• providing additional increase of product stability and efficiency.

With a valid technical support certificate, the upgrade to version 3.5 is free of charge.

2018

JaCarta Management System 3.4

On November 20, 2018, Aladdin R.D. announced the release of the JaCarta Management System authentication and electronic signature lifecycle management system in version 3.4 (hereinafter referred to as JMS).

In the presented version of JaCarta Management System, it became possible to create your own user directory with the necessary attributes and taking into account the hierarchy adopted by the customer. At the same time, you can bind different user profiles to different branches of the hierarchy, which allows you to quickly assign and change the desired security policies. This approach will, according to the developer, be in demand in organizations that do not use directory services, for example, Microsoft Active Directory. And commercial and departmental certification centers will be able to use JMS to manage certificates of external users who are not in the directory service.

Aladdin R.D. believes that the ability to send customized certificate requests to Microsoft CA will allow organizations to issue certificates to users from domains external to where Microsoft CA is installed. You can also add additional meaningful attributes to the query that are not always specified in the original template.

According to the developer, another functionality that appeared in version 3.4 will significantly simplify the release of the certificate when changing user attributes. In particular, when changing their last name or passport data, JMS will automatically request the release of a certificate from the certification center, and then remotely write it to the user's token or smart card. At the same time, neither the administrator nor the user will be required to take additional actions.

The presented JMS version provides support for the TLS 1.2 protocol to protect the connection between the client and the server. According to the developer, the system supports all modern versions of commercial, server operating systems, as well as relational database management systems from Microsoft.

Aladdin R.D. reported that JaCarta Management System 3.4 passed inspection control, FSTEC Russia according to the results of which it was confirmed that the previously issued certificate No. 3355 applies to version 3.4 of the management system - USB currents and smart cards.

Certificate of FSTEC of Russia

The company Aladdin R.D.."," a Russian developer and provider of security solutions, information security on March 26, 2018 announced that the current version of the corporate asset lifecycle management system authentications electronic signature and JaCarta Management System (JMS) version 3.3 has passed inspection control in. FSTEC Russia The results of the audit ensure that the system is created taking into account the requirements for ensuring information security and reliability of work imposed by large state and corporate customers.

In particular, the updated certificate of the FSTEC of Russia No. 3355 certifies that JMS is a software tool for managing authentication tools that implements the functions of identification and authentication, access control and registration of security events, meets the requirements of the guidance document "Protection against unauthorized access to information. Part 1. Information security software. Classification according to the level of control of the absence of undeclared capabilities "(State Technical Commission of Russia, 1999) - according to level 4 of control (EID 4), as well as the requirements of the Technical Specifications. This allows you to use JMS in personal data information systems up to and including level 1 security and state information systems up to and including class 1 security, as well as when creating automated information systems up to and including 1G security class. The certificate of conformity is valid until March 3, 2021.

The main differences between JMS 3.3 and the previous version are:

• support for USB tokens, smart cards and security modules (SIM, chips for mounting on a printed circuit board) JaCarta-2 GOST with hardware implementation of cryptographic algorithms GOST R 34.10-2012 and GOST R 34.11-2012, which allows you to prepare in advance for the transition to updated electronic signature standards;
• support for USB tokens and smart cards eToken 5100, 5105, 5110 and 4100;
• support for CryptoPro CSP 4.0 crypto provider, which allows generating key pairs for generating and verifying an electronic signature using the cryptographic standard GOST R 34.10-2012 with a private key length of 512 or 1024 bits;
• Deferred printing not only in a fully functional, but also in a simplified version of the JMS management console
• the function of clearing the contents of USB tokens and smart cards without releasing them to JMS;
• the ability to notify digital certificate holders of the imminent or imminent expiration of their certificates, including those issued by third-party Certification Centers;
• support for backward compatibility with previous versions of JMS clients (3.0 and 3.1.1), which allows you to time-spread the processes of updating the JMS server and JMS clients, or update JMS clients in several stages.

In accordance with the requirements for the supply of certified products approved by the FSTEC of Russia, the certified version of JMS is delivered only as part of a kit (Media Kit), which contains the verified JMS distribution on physical media and the necessary documentation.

JaCarta Management System (JMS) 3.3

On February 27, 2018, the company Aladdin R.D.."" announced the release of the next version of the asset lifecycle management system authentications electronic signature and JaCarta Management System 3.3 (JMS). It implements support for the generation of electronic signature tools -2 JaCarta GOST, crypto provider CryptoPro CSP 4.0, expanded the list of supported device models. eToken

The main differences between JMS 3.3 and the previous version are:

• support for USB tokens, smart cards and security modules (SIM, chips for mounting on a printed circuit board) JaCarta-2 GOST with hardware implementation of cryptographic algorithms GOST R 34.10-2012 and GOST R 34.11-2012;
• support for USB tokens and smart cards eToken 5100, 5105, 5110 and 4100;
• support for the CryptoPro CSP 4.0 crypto provider, which allows generating key pairs for generating and checking an EP using the cryptographic standard GOST R 34.10-2012 with a private key length of 512 or 1024 bits;
• Deferred printing not only in a fully functional, but also in a simplified version of the JMS Management Console
• the function of clearing the contents of USB tokens and smart cards without releasing them to JMS;
• the ability to notify certificate holders of the imminent or imminent expiration of their certificates, including those issued by third-party Certification Centers;
• support for backward compatibility with previous versions of JMS Clients (3.0 and 3.1.1), which allows you to time-distribute the processes of updating the JMS Server and JMS Clients, or update JMS Clients in several stages.

2017

ViPNet Verification Center Compatibility 4

On September 19, 2017, Aladdin R.D. and InfoTeCS announced the confirmation during tests of the operability and correctness of the functioning of the centralized accounting and lifecycle management system of tokens and smart cards JaCarta Management System (JMS) version 3.X with the ViPNet Certification Center 4 software (version 4.6).

Tests were performed on the following operating systems:

• Windows Server 2008 (32/64-bit);
• Windows Server 2008 R2 (32/64-bit);
• Windows Server 2012 (32/64-bit);
• Windows Server 2012 R2 (32/64-bit).

The certified ViPNet Certification Center 4 software package is designed to build a public key infrastructure (PKI) and can be used to implement the functions of a certification center in accordance with the Federal Law of April 6, 2011 63-FZ "On Electronic Signature."

JaCarta Management System (JMS) 3.1.1

The company Aladdin R.D., on August 29, 2017 announced the release of the next version of the accounting and lifecycle management system of USB tokens and smart cards JaCarta Management System 3.1.1 (JMS). This version implements advanced capabilities for automating the accounting of cryptographic information protection tools (CIPF), improves performance, and also implements a number of other improvements.

JMS as a whole is designed to record and manage the lifecycle of USB tokens and smart cards, as well as certificates, users and workstations. The use of JMS allows you to automate typical operations when working with devices from different manufacturers (JaCarta, eToken, Rutoken), provide flexible configuration of USB token and smart card policies, and also makes it possible to centrally manage access to corporate systems.

The main differences between JMS v. 3.1.1 and the previous version (3.0) are:

• improvements for the CIPF accounting function:
  • automatic detection of software CIPF CryptoPro CSP and ViPNet CSP on users' personal computers is implemented;
  • automatic registration of copies of CryptoPro CSP and ViPNet CSP software CIPSI is implemented in the log when it is detected on the user's computer (duplication of information is excluded);
  • automatic management of key media certified as CIPF is implemented - for all stages of their life cycle, the system generates relevant events in the CIPF accounting log;
  • automatic accounting of key information and key documents for third-party (externally obtained) certificates is implemented;

• Improved server performance - Now one JMS server can serve 3 times more JMS clients
• other improvements:
  • visualization of the list of non-domain workstations is implemented;
  • Extended error descriptions in the audit log
  • search in global groups is implemented.

To obtain version 3.1.1 of JMS, you need to contact the partners of Aladdin RD.. With a valid technical support certificate, the update to the latest version is free of charge.

JaCarta Management System (JMS) 3

During the inspection control, JMS v. 3 also successfully passed the check for the absence of vulnerabilities. The results of the audit ensure that the system is created taking into account the requirements for ensuring information security and reliability of work imposed by large state and corporate customers.

The updated certificate of the FSTEC of Russia No. 3355 certifies that JMS is a software tool for managing authentication tools that implements the functions of identification and authentication, access control and registration of security events, and meets the requirements for level 4 control of the absence of undeclared capabilities (EID 4) and the requirements of technical specifications. This allows you to use JMS in personal data information systems up to and including level 1 security and when creating automated information systems up to and including 1G security class. The certificate is valid until March 3, 2018.

The main differences between JMS v. 3 and previous versions are:

• ViPNet 4.6 Certification Center (CA) support, implementation of lifecycle management of certificates issued through this CA;
• accounting of cryptographic information protection tools (CIPF) and key documents:
• management of CIPF types;
• manual management of CIPF instances, distributions and licenses;
• automatic accounting of key information and key documents (when using CIPF CryptoPro CSP and ViPNet CSP to create them);
• automatic generation of regulatory documents for each event related to CIPF and key documents;
• logging of CIPF accounting operations;
• a printing subsystem that automates the compilation of paper documents related to the lifecycle of tokens:
• preparation and printing of applications for issuance of tokens and issuance of certificates;
• the function of printing regulatory documents related to CIPF and key documents;
• printing of certificates with marks on issuance and receipt;
• preparation and printing of token issuance certificates;
• the function of deferred printing of documents generated when tokens and certificates are issued;
• the ability to take control of external objects. Certificates issued by third-party CCs are now also taken into account by the system, their validity periods are monitored;
• notifications of certificates with expiring/expired validity dates, including certificates issued by third-party CAs;
• extended list of events for which administrative e-mails are available.

During the inspection control, JMS v. 3 also successfully passed the check for the absence of vulnerabilities. The results of the audit ensure that the system is created taking into account the requirements for ensuring information security and reliability of work imposed by large state and corporate customers.

2016: JaCarta Management System (JMS) 2.4

In July 2016, Aladdin R.D. announced the release of a version of the accounting and lifecycle management system for authentication and electronic signature tools JaCarta Management System (JMS) 2.4.

JMS is designed to automate typical operations when working with key media (tokens) from different manufacturers, allowing them to be recorded, flexibly configure token policies and centrally manage access to corporate information systems. The unique features of JMS, such as batch registration and automatic token synchronization, significantly reduce the operational and time costs of maintaining the PKI and electronic signature infrastructure, freeing IT and information security services from time-consuming and often recurring tasks.

Compared to previous releases, JMS 2.4 implemented subsystems for building reports and printing accompanying documents, significantly improved the ability to import and export objects to tokens, and expanded the list of supported tokens.

JMS is certified by the FSTEC of Russia and can be used in ISDS up to and including level 1 and when creating automated systems up to and including 1G security level. As of July 2016, JMS is the only token lifecycle management system included in the Unified Register of Domestic Software (No. 311) and recommended for procurement by state and municipal authorities.

In this version of JMS, the following were implemented:

• Support for new tokens:
  • with multiple features (e.g. PKI, electronic signature, data storage);
  • JaCarta PKI/GOST/SE for EGAIS, CryptoPro PKN, Rutoken Lite, Rutoken S, Rutoken EDS and EDS 2.0;
  • microUSB tokens;

• Support for token migration between branches and organizational units
• report building subsystem;
• a printing subsystem that automates the paper document flow associated with the token lifecycle:
  • preparation and printing of applications for issuance of tokens and issuance of certificates;
  • printing certificates with marks on issuance and receipt;
  • preparation and printing of token issuance certificates.

• Group access rights settings for workstations
• Support for Crypto Pro 1.5 CA as an external user base;
• Import private key and certificate backups from the Microsoft CA store using the Key Recovery Agent (KRA) or from PFX files.
• export backups of private keys and certificates for users and tokens removed from the system;
• Automate the registry of tokens connected to workstations
• the mode of forced change or reset of PIN-codes of tokens;
• a mechanism for granting temporary password access in Active Directory or assigning a temporary token;
• support for deploying a client agent through Group Policy Object (GPO);
• English version of user interfaces of all system components
• more than 150 other fixes and improvements.

The largest users of JMS are the Pension Fund of Russia, VTB Group, JSC SO UES and PJSC RusHydro.

2015: JaCarta Management System certified by FSTEC of Russia

Aladdin R.D. announced in April 2015 that it had received the FSTEC of Russia certificate for the JaCarta Management System, a system for managing the life cycle of tokens, smart cards, certificates and products.

Based on the results of tests conducted by the Echelon Research and Production Association laboratory, the company received a compliance certificate No. 3355, confirming that "the JaCarta Management System software is a software tool for managing authentication tools that implement the functions of identification and authentication, access control and registration of security events and fully complies with the requirements of the guidance document" Protection against unauthorized access to information. Part 1. Information security software. Classification according to the level of control of the absence of undeclared capabilities "according to the 4th level of control and technical specifications."

The certified version of JaCarta Management System (JMS) ensures compliance with the requirements of Russian legislation in the field of protection of personal data and confidential information and can be used in ISDS up to and including class 1 and to create automated information systems up to the 1G security class.

2014: JaCarta Management System Announcement

On October 28, 2014, Aladdin R.D. announced the JaCarta Management System, a token management system.

Product Benefits

• Support for all JaCarta models as well as eToken (including GOST)
• Reduce the cost of maintaining the authentication and display infrastructure
• Centrally manage access to enterprise systems
• Audit of Actions of Employees and Administrators Regarding Authentication and Display Tools
• Ensuring compliance with legal and regulatory requirements (FSTEC of Russia, FSB of Russia)

Basic functions

• Automate typical token lifecycle management (LC) operations (register, issue, assign, temporarily disable, unlock, replace).
• Profile management (information security policies). JMS has centralized security policy management for authentication and display tools. You can create, edit, and bind security policies to resource system containers (which support the inheritance mechanism).
• Advanced self-service mode for the user. It allows the employee of the company to perform the necessary operations with the token without contacting the Help Desk service.
• Synchronize with external systems. JMS implements maintenance plans, which are periodically launched tasks that track changes in external systems and take appropriate actions. For example, revoking/disabling a key media if a user is deleted or locked on an external system.
• Audit administrator and user actions. The system provides the ability to maintain a log of user actions on the use of tokens and smart cards, as well as a log of administrator actions performed through the administrator console.
• Backup. JMS can back up both released objects (private keys, certificates) and system settings as a whole.

Unique features

JMS has multiple turnaround times for a number of standard typical operations.

• Batch token registration allows you to register all purchased JaCarta tokens in a few minutes. To register them, you just need to upload to the system a file received with a batch of USB tokens and JaCarta smart cards, and all purchased tokens with chip numbers, CIPFs, cases will automatically appear in JMS.

Taking control of existing tokens makes it possible to automatically turn on USB tokens and smart cards released earlier. This saves all previously released objects to the key media.

• Automatic synchronization of changes. If you change security policies, JMS will automatically apply all updates to token content without having to manually reissue user tokens. After applying the changed policy, certificates for tokens that fall under this changed policy will be automatically reissued.
• CIPF accounting in accordance with the requirements of the regulators. JMS has the functions of accounting for indices and numbers of USB tokens and smart cards certified by the FSB of Russia as CIPF. This allows the user to ensure compliance with the requirements of the licensing authorities for working with certified CIPFs and monitoring the use of key information media.
• Smooth migration with SafeNet Authentication Manager (SAM)/Token Management System (TMS). There is a smooth transition to JMS for companies using SafeNet Authentication Manager (SAM )/Token Management System (TMS). You just need to import the data into the new system. At the same time, you do not need to change the existing infrastructure, make changes to Active Directory, and rebuild established business processes.