StrongKey is an open source software product that implements a Symmetric Key Management System (SKMS). StrongKey creates an infrastructure that manages the encryption keys of sensitive company data. Designed for the enterprise and compatible with many databases, operating systems, and application programming languages, Strongkey can be deployed in any sector. Strongkey is an essential component of your Enterprise Key Management Infrastructure (EKMI).

What does StrongKey do?

StrongKey removes key management from individual applications, databases, and operating systems and places it in a centralized system for the enterprise. The software allows every resource in the IT infrastructure, to manage keys from a single interface point. One open source software application is used to manage all the keys, enterprise wide. StrongKey is the first open-source software product to address this problem.

Image Protection

Companies have numerous security issues to contend with on a daily basis. Just one security breach can irrevocably harm a company's image. Utilizing StrongKey provides businesses with a tool to prevent their image from tarnishing due to a security breach.

  • SB 1386 "safe-harbor"; Non Disclosure of Data Breach to the Public
  • Demonstrates the Company is Security Compliant

Cost Savings

StrongKey's open source philosophy creates a cost efficient deployment. Additionally, the centralized key management function of StrongKey affords a business the benefit of directly reducing their key management costs across the enterprise through reduced Operations, Administration & Maintenance costs.

  • Open Source. No Vendor Lock-In
  • Centralized Key Management for Reduction of Costs Across the Enterprise

Investment Protection

StrongKey is designed with industry standards. This ensures that the resources committed to deploying StrongKey will not be fruitless. Strongkey is compatible with companies' existing environment and any future operational setting.

  • OASIS Symmetric Key Services Markup Language (DRAFT 01)
  • WWW Consortium's XML Signature
  • WWW Consortium's XML Encryption
  • OASIS Web Services Security
  • ISO X.509
  • J2EE

Extremely Secure

StrongKey incorporates the highest levels of security into its symmetric key management software, while providing you with a choice of cryptographic service providers. This insures the integrity of the Enterprise Key Management Infrastructure.

  • Every Symmetric Key is Encrypted Using the Strongest Cryptography Available
  • Every Object in the Central Database is Digitally Signed Before Storage
  • Every Object in the Central Database is Verified Upon Retrieval to Ensure Message Integrity
  • Every Client Request is Digitally Signed; Only Strongly Authenticated Requests are Honored
  • Every Server Response is Digitally Signed to Ensure that Clients can Trust the Response
  • Clients and Servers can Leverage Cryptographic Hardware Tokens for Increased Security

Business Continuity

The ability for a company to conduct customer transactions - including encryption and decryption - even when the network is non-operational, is vital. StrongKey's key caching feature allows keys to be accessed even when the network is not functional.

  • Operable, Even Under Network Failure

Policy Driven

StrongKey facilitates a company's encryption policy. The centralized policy engine manages the generation and issuance of symmetric keys, as defined by a businesses policy standard.

  • Single Point to Define Company Policies
  • Provides Tight Control for Policy Definition
  • Ensures Uniformity Across the Enterprise


StrongKey creates a key management infrastructure for the entire enterprise - not just a database, a tape silo, a SAN or one group of applications. The Encryption Key Management Infrastructure makes possible the management of all symmetric keys from a single point, enterprise wide.

  • Scalability to Meet any Level of Demand
  • Platform Independence
  • Transaction & Resource Management
  • High Availability
  • Platform, Database, and Application Independent Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I