Key management system for Web Service Provider

We need a key management system to meet PCI DSS (Payment Card Industry Data Security Standards) requirements. We would prefer leveraging an existing open source project that either meets or can be modified to meet our requirements (e.g. StrongKey - [url removed, login to view], keepassx - [url removed, login to view], others - [url removed, login to view], [url removed, login to view]).

We use symmetric keys and want key generation and machine-to-machine communication of keys so that personnel are not exposed to keys.

Development of the requirements from scratch is not encouraged.

The ideal system would run on a Linux server. We do not require a specific language but prefer JAVA first, then C++.

This system would need to do the following:

1) Generate secure keys on demand for AES (currently 256-bit) encryption that meet the standards of the PCI DSS

2) Store keys securely with encryption and password protection at least as strong as AES 256-bit encryption

3) Transmit those keys via a secure connection (ie. SSL or HTTPS) to specified servers that would actually do the encrypting of files. This transmission would be on-demand, although we would eventually create a scheduler to distribute keys on a periodic basis.

4) Transmit keys via a secure connection to specified servers used to decrypt files

5) Maintain a record of keys so that we can track keys by date and a 3-character code used to identify encryption algorithm or other data needed to decrypt files successfully. In our scheme, keys would be distributed throughout the company based on either periodic key retirement dates or whenever the key was suspected of being compromised. Each file would be tagged with the date of the key used for encryption (and a code for future use that would further identify the key and possibly algorithm or other encryption details.) Our decryption routine would choose which key to use based on the date and code associated with the key.

6) (this is possibly optional right now) Generate an encrypted XML file that serves as the configuration file for our server applications. The XML file would include the encryption key.

7) Maintain user profiles consistent with PCI standards.

8) Automatically create an encrypted backup file stored in a configurable location. The objective is to ensure that the keys are backed up easily and can be recovered by the application when needed.

Background: We create many files for our customers that are stored over long periods of time. These files are created on servers that are usually located at the customers

Deliverables must include source code, documentation and requirements for installation and configuration.

To bid, please list any experience you have with key management and a description of the existing libraries - if any - you will use.

Evner: Computer Sikkerhed

Se mere: service provider need key management server, web provider management system, key management system, web development system requirements, web development source code, web development service provider, web development language, web development industry, web development from scratch, web development documentation, web development description, web development company description, web development background, track deliverables, system development web, source code protection, source code documentation standards, right management, projects for web development, personnel source, objective c web development, net scheduler, net algorithm, language for web development, key personnel

Om arbejdsgiveren:
( 84 bedømmelser ) Charlotte, United States

Projekt ID: #960203

3 freelancere byder i gennemsnit $2733 på dette job


Please check PMB

$2800 USD in 60 dage
(4 bedømmelser)

I have around 6 years of experience in writing code for key generation/encryption/decryption/digital gignatures/SAML etc... in C++ and java. Please check PMB.

$3000 USD in 30 dage
(0 bedømmelser)

pls check PMB

$2400 USD in 30 dage
(0 bedømmelser)