Management and Control
The centralised management and enhanced control features deliver the data, user and device administration tasks and functionality that constitute a practical and efficient secure system.
Management Interface: SEAcurIT-e® has a powerful but straightforward management interface for the administration, monitoring and control of users and security values such as keys, including secret encryption keys and the private keys associated with public keys. This is accessible either directly using a Management Application, or indirectly by incorporation as a security service within other applications or services, such as a management web portal. Administration accounts allow the centralised management and control of all users and keys within a domain, and users can have their own accounts for the management of their own keys as well as any shared keys. The features and privileges of each account are defined by its account type.
Identification: Each managed security value is uniquely identified and includes information such as the identity of the associated user and identification of the device using the key. This enables the granting or removal of user access to specific documents or other secure or shared content by control of the associated keys, managed by either system administrators or the designated controllers of the content.
Scalability: There is no limit to the number of keys that users can add to their accounts.
Searchability: For any key under their jurisdiction users or administrators may, using their management accounts, search all devices and accounts within a domain to see all instances of where that key is installed. The search results show the names and contact information for all users with access to a shared key, as well as their account identification information.
Control: Users and administrators can view technical and key installation information for all accounts and devices under their jurisdiction. Keys are controlled by policy and the assignment of rights, and may be disabled so that they are no longer available to a user or device, or re-enabled to allow access. A user with administrative rights over a given key may remove that key from the account of any other user who has access to that key, such as when a key is shared. Logs can be maintained of when keys are accessed.
Distribution: When distributing a key, a user may select a recipient and device (one of their own, or that of another user) to which the key is to be exported, and the key can only be imported by the designated recipient and device. The rights assigned to the key will specify if the recipient is able to further distribute the key to other users. Keys may also be distributed with a pre-determined lifetime, after which they are automatically removed so that a user can no longer access them.
Security: The management facility has no knowledge of the actual value of the security parameters being managed.
The use of administrator accounts for a domain of users provides organisations with powerful tools to track keys, users and devices over whole communities of users, and to simplify the management of security deployments.