OKsystem – brief introduction

Motto: software with a greater intelligence

Since 1990, 4 co-owners 200+ employees

Headquarters in Prague, offices in Brno, NYC

25+ mil. USD annualy

Top 100 Czech, Stability Award AAA

OKsystem in Prague

Security from one sourceWe have all components for instant strong cryptography and smart card deployment from one source:• BABEL – mobile application for transparent encryption of text messages • OKsmart – software for easy and transparent smart card usage

– Smart card applets– Smart card middleware– Personal web based Card Manager

• OKbase - enterprise java system with plug-in management modules:– Card management system– Key management system – Certificate management

• Software development – from mobile to enterprise systems with strong security concept based on integration of strong cryptography to applications

• Smart cards – contact, contactless, combined (hybrid or dual chip)

BABEL – it's new and unique

Babel is an iPhone messaging app which allows you to use your cell phone to exchange encrypted text messages and iMessages.

Cryptography makes difference

How it works

BABEL uses proven and standard algorithms for strong cryptography - AES for message encryption and Diffie-Hellman for cryptographic keys agreement.Messages are encrypted not only during transmission but also in the phone memory. All communication, including key agreement, can be intercepted without any fear or risk of potential decryption. Users do not have to remember any new passwords or keys, or buy and use digital certificates. Application is simple, intuitive and uses a standard iOS service for Contacts and Messages.Android version is being finalized.

Strong cryptographyStrong cryptography exploits encryption algorithms that are highly resistant to cryptoanalysis and systematic attacks in theory and practice. Well known and widely used algorithms (RSA, ECC, AES…) are public and proven for years, and do not contains any hidden secret or backdoors.• All secrets are concentrated in secret/private keys.• Without key nobody (younger sister, NSA, Mossad, FSB, …) will decrypt

cyphertextEvery secret forms a weak point, because there is always the risk of being compromised or lost. Cryptography keys are fundamental and irremovable weak point of strong cryptography and thus require very special handling.

Keys must be securely generated, stored and used – smart cards should be used here - your smartphone is not a security device!Keys must be securely archived in appropriate Key Management System - there is no other recovery when secret key is corrupt or lost!

Smart cardsSmart card is cheap and secure crypto-computer in your pocket.Smart chip is designed and certified for high security and resistant against many types of attack. Smart chip can be embedded in various form factors -credit card size, SIM card size, USB dongle. Smart card can communicate optionally with contact or contactless reader, including NFC. It can deliver security services to master system:

True Random Number Generator for Key generationCryptography with secret key – 3DES, AESAsymmetric (public) key cryptographyFile system with access controlPIN and admin key authentication

Smart card services are provided by downloadable applets.

Smart card security Framework

Logical access and authentication• 802.1x LAN port authentication• 802.1x wifi authentication• Smart card logon• Terminal server authentication• Web SSL/TLS client authentication• Legacy password based authentication (smart card & PIN)

Encryption for privacy• S/Mime e-mail encryption• File/folder encryption• Disk encryption

Digital signature and integrity check• S/Mime e-mail signature• MS Office suite• Adobe Acrobat/Reader

Smart card is access token to information and communication system. Smart card can easily bring high security to everyday IT tasks.

Complete Smart Card Solution

OKsmart

Smart card middlewareMiddleware is system software, that allows host OS and applications to communicate with cards and use card services.OKsmart middleware connects smart cards powered by OKsmart applets to most popular OS- MS Windows and MAC OS-X.Operating system and applications together with OKsmart seamlessly uses smart card for secure cryptographic operations – authentication, encryption and digital signature.

OKbase card Management System

OKbase CMS performs all card issuance services:

Applet loading (= on card software installation)Card personalization• Card body print• Contact chip• Contactless chip

OKbase CMS provides daily card life cycle support:

Card activation, deactivation, reactivation, revocation, terminationPIN management

OKbase CMS is software for complete smart card life cycle management. Card deployment for company or its customers never has been so easy and affordable. Personalization profiles and ready-made scripts manage all complex tasks for operator.

OKbase Key Management System

Basic OKbase KMS functions include:

Cryptography grade random key generation Secure key archiving for generated or imported keysKey restore when two or more security officers puts together restore keyKey activation, deactivation, destructionOKbase KMS exploits secure HSM or smart card for key encryption. Encrypted keys are securely stored in SQL database.

OKbase KMS is software for cryptographic key generation and life cycle management. KMS is essential when any encryption take place with or without smart cards.

OKbase Certificate Management

OKbase Certificate Management takes care for complete certificate life cycle, namely:

Certificate requestsCertificate enrolmentCertificate revocationCertificate archiving

Digital certificates are core components of PKI systems. A certificate provides your digital identity to digital documents and electronic services on the Internet. Companies should manage certificates for their employees.

Use software with strong cryptography.

Be secure. Remain private. Keep them confused.

Ivo RosolSoftware Development Directorwww.oksystem.com