Rutoken KeyBox

Rutoken KeyBox - an administrative tool and managements of lifecycle of key carriers.

The solution is focused on the companies implementing two-factor authentication or electronic document management systems. Rutoken KeyBox helps to manage effectively lifecycle of key carriers, gives the chance to keep the magazine and to perform audit of actions with key carriers, to automate processes of management of certificates of users, to execute backup of key information.

Rutoken KeyBox is focused on support of all product line of Rutoken and the majority of other popular carriers. Thanks to functionality, use of the software product Rutoken KeyBox gives a number of important advantages, as for security services, IT managers and personnel, and for the organization.

Advantages

• Simplicity of interaction of the end user with a system.
• When developing Rutoken KeyBox advanced technologies are used, the product is focused on tasks of users of a system.
• Support of domestic cryptoproviders and certification centers.
• Support of different key carriers.

Licensing

Rutoken KeyBox is licensed by the number of users. The license is not limited on term. One license grants the right to use a product and registration of smart cards and USB tokens for one user account. The license is appropriated to the specific user account, but in need of it it is possible to withdraw and appropriate to other account. The license includes right to use (installation and operation) of the server software Rutoken KeyBox, necessary for service of users. The number of licenses can be changed towards increase by acquisition of additional number of licenses.

The license provides receiving a free support in the first year. Service includes the following basic elements:

• implementation and scaling Rutoken KeyBox in the approved quantity of workplaces,
• delivery and updating to the latest version of all purchased components Rutoken KeyBox on all duration of the agreement of service,
• first technical support for administrators of systems.

To users

The different transactions connected with lifecycle of their key carriers are available to ordinary users. Such transactions are executed or via the interface of self-service, or in the interface of an input in the operating system:

• Change of the PIN code of the key carrier,
• Change and unblocking of the PIN code,
• Updating of certificates,
• Obtaining notifications,
• Operational withdrawal of a token and the certificates which are on it in case of loss,
• Time blocking of the device.

To Help Desk operators

The main objective of Help Desk operators is a user support. For this purpose all transactions connected with management of lifecycle of key carriers are available to them in the web interface:

• Registration of a token in a system,
• Purpose of a token to the user,
• Release of a token and necessary certificates,
• Updating of certificates on the carrier,
• Token blocking/unblocking,
• Withdrawal of a token and certificates,
• Cleaning of a token,
• Issue of duplicates of a token,
• Temporary or permanent replacement for a token on new.

To administrators

All actions of Help Desk operators, and also a number of additional operations on management of politicians Rutoken KeyBox are available to administrators. Politicians are a key object of a configuration Rutoken KeyBox and contain different parameters of a system:

• Settings of connections to Certification Centers,
• Templates of certificates,
• Settings of lifecycle of key carriers,
• Politicians of PIN codes of key carriers,
• Confidential questions for authentication of users (are used in scenarios of an unblocking of key carriers).

Viewing events of a system and audit

Help Desk operators and Administrators have an opportunity to browse the magazine of a system in the same web interface in which they carry out the tasks. There is an opportunity to build reports using different selection criteria of events: time frames, serial number of a token, type of the key carrier, name of the contractor, user name, event type, etc.

Development History

2020: Certification of FSTEC of Russia on the 4th trust level

On November 24, 2020 the Aktiv company announced obtaining the FSTEC certificate of Russia on a management system for lifecycle of means of authentication and the electronic signature Rutoken KeyBox on the fourth trust level.

Certification tests of the software Rutoken KeyBox are successfully complete. During tests it is established that Rutoken KeyBox developed by Aktiv company corresponds to the high level of confidence for means of protecting of confidential information - to the fourth.

Rutoken KeyBox - the first information security product in the class which received the certificate of conformity according to new "The requirements for security of information setting the trust levels to means of information technical protection and security protections of information technologies". The certificate is provided by a possibility of operation and successful passing of checks of the regulator on objects of informatization for up to 10 years.

The certificate confirms an opportunity to use Rutoken KeyBox in significant objects of critical information infrastructure of 1 category, in the state information systems of 1 class of security, in automated control systems for production and technology processes of 1 class of security. Is suitable for personal data information systems in need of ensuring 1 level of security of personal data, the public information systems of the II class processing information of limited access, including personal data, office, commercial and other types of confidential information.

Rutoken KeyBox – the system intended for automation of implementation, management of lifecycle and accounting of hardware of the electronic signature and authentication of users in enterprise scales. KeyBox provides centralized operation with means of authentication during all lifecycle, keeps account of means of cryptographic information protection and allows to perform audit of their use. A system also gives the chance quickly and independently to solve problems of users without the address to administrators, including outside the enterprise. The software product supports all line of tokens and Rutoken's smart cards and also carriers of other companies, widespread in Russia. Rutoken KeyBox is included in the Unified register of the Russian computer programs and a DB.

Universal implementation of two-factor authentication of users in the organizations relating to KII, processing personal data in the state information systems is an essential requirement of today. Protection of any serious information system should begin with security of accounts of users. For this purpose there is rather large number of means. Nevertheless, the solutions based on PKI technologies smart cards and USB tokens provide the highest level of security and trust to authentication. At large-scale implementations it is necessary to solve the problems connected with mass service of users: issue, replacement, updating of devices on which keys of authentication and the signature, accounting of a CIPF and creation of reports are stored. Rutoken KeyBox effectively solves these problems. A great number of customers successfully operate this system many years. Obtaining the FSTEC certificate on compliance to new requirements opens ample opportunities on management of means of authentication for big state and commercial customers, - Vladimir Ivanov, the development director noted Asset

2017: Release of version 4.3

The Aktiv company, the Russian producer of hardware of authentication and the electronic signature, developer and solution provider in the field of information security, announced on October 16, 2017 release of upgraded version Rutoken KeyBox 4.3.

Main changes of version 4.3:

• Integration into the directory of users of the Center of registration of Crypto Pro of UTs 2.0 and also with Microsoft CA Enterprise is expanded.
• There was an opportunity to register and take those devices which already are in operation under management (PIN codes of devices were changed according to regulations of information security at the enterprise). Now at registration it is possible to set not only the changed user's PIN codes, but also the administrator's PIN codes.
• Support of standards of hashing and the electronic signature GOST P 34.10-2012 and GOST P 34.11-2012 is added to Rutoken KeyBox. In anticipation of complete transition of all information systems of the country to the updated standards of the electronic signature since January 1, 2019, support of these algorithms is timely. The full support of the updated algorithms of the electronic signature at the time of a release of this publication is provided by devices of family of Rutoken of the EDS 2.0.

Updating to the latest version happens seamlessly and does not demand additional actions from administrators of information systems.

Developers Rutoken of KeyBox are in permanent contact with users of a product and upgrade it under customer needs. The main focus still becomes on convenience of management of a large number of tokens and smart cards and support of all widespread key carriers, developers emphasized.

2016: Certificate of conformity of FSTEC of Russia

In October, 2016 FSTEC of Russia Rutoken KeyBox issued the certificate of conformity on the automation system of management of lifecycle of smart cards and USB tokens.

The document confirms that Rutoken KeyBox is the protected software tool of information processing, protection against unauthorized access to information conforms to requirements of the regulating document ". Part 1. Software means data protection. Classification by the level of absence control of not declared opportunities (State Technical Commission of Russia, 1999) — on the 4th level of control.

Rutoken KeyBox is applied to process automation and decrease in the labor costs connected with service of smart cards and USB tokens in corporate information systems for hardware strict authentication of users, the electronic signature in electronic document management systems, protection of electronic correspondence and other problems of data protection. Rutoken KeyBox allows to release smart cards and tokens using corporate PKI, to provide maintenance of their lifecycle, to keep their account and can be applied to audit and investigation of incidents of cybersecurity. Rutoken KeyBox allows to manage practically any tokens and cards available in the Russian market.