GoldKey Hierarchical Management
GoldKey utilizes an innovative key management system which is securely built into the hardware of USB tokens. This advancement in encryption key management is accomplished through patent-pending technology called HSP (Hierarchical Security Protocol).
GoldKey Hierarchical Security Protocol
The GoldKey hierarchy has three levels, the user GoldKey, the GoldKey Master, and the GoldKey GrandMaster. All of the User Group creation and security management is performed securely inside the tokens. The process is intuitive and can be managed by persons with limited technical training.
The GoldKey Hierarchical Security Protocol utilizes symmetrical key algorithms, usually AES-256 making it fast and robust. HSP utilizes an innovative key management system which is securely built into the hardware tokens.
In HSP, the tiered layers of management provide the means to straddle the gap of establishing shared secrets between users. In an Enterprise installation, the first step in setting up the security system involves configuring the GrandMaster token. The GoldKey software allows the security administrator to set up User Groups inside the token. Next, each Master token, usually one per department, is registered to the GrandMaster. This is a step during which the administrator decides which groups a particular Master token will be allowed to access. Finally, each user GoldKey is registered to a Master during which, the operator selects which selected user groups are given to a particular user.
Upon completion of the registration process, the GoldKey tokens now automatically manage the distribution of keys throughout the Enterprise. A GoldKey registered to a Master token overseas can decrypt the same data as a GoldKey registered to a Master at home so long as both Masters were previously registered to the same GrandMaster.
Master tokens provide the function of managing group access to GoldKey Vaults, reviewing access logs, and when necessary, disabling the access privileges of a user in question. Master tokens can also unlock files encrypted by registered user tokens and also enable the re-creation of individual GoldKey tokens thereby minimizing the risk of a lost token or forgotten PIN.