Unbound Key Control (UKC) takes the complexity out of app-level encryption by fully abstracting the encryption layer, making it easy for developers to implement strong key security and authorized access to decrypted data.
The Most Secure Encryption is also the Most Challenging
According to most cryptography experts, encrypting sensitive data at the application layer is best. But practically speaking, there are many challenges involved in implementing encryption yourself.
Often, there is no place to store the key that can allow all machines running the application secure access to it
HSMs are secure but rigid, so they are hard to operate, maintain and scale to support constantly changing business requirements
Deploy Secure App-Level Encryption with an Intuitive, Easy-to-Use API
Unbound Key Control (UKC) supports all standard crypto APIs (e.g. PKCS#11, CNG) and includes a fully-integrated module for application-level encryption. This simple, yet secure solution provides developers with an intuitive, easy-to-use API that hides all the details of the encryption process from the developer, allowing him/her to concentrate on the application business logic.
Based on Unbound’s Distributed Trust Platform, UKC stores keys safely in any environment, including cloud, hybrid and on premise. Fully abstracted from hardware, UKC is easy to maintain and scale.
Out-of-the-box integration with Java and .NET APIs, as well as an intuitive, easy-to-use crypto-agile REST APIs
Unbound App-Level Encryption manages all encryption aspects for you so you can focus on the business logic
Keys are automatically protected using Unbound’s Distributed Trust Platform, across any deployment including hybrid and cloud
Supports tokenization and other operations on encrypted data using format, type and order-preserving encryption
App-Level Encryption without Hardware.
Any App. Any Platform. Anywhere.
There are two primary modes of deployment:
Unbound Key Control (UKC) seamlessly integrates with standard crypto APIs such as PKCS#11, Java JCE, Microsoft KSP. All of these APIs are supported by the UKC client that is installed on the application server, and can be seamlessly integrated with your applications.
In addition, UKC includes a full KMIP server, and thus enables consuming cryptographic services using KMIP or through an easy to use, intuitive and crypto-agile REST API.
The Unbound Key Control (UKC) Application-Level Encryption module has an intuitive and easy-to-use API that hides the encryption implementation details from the developer. It fully supports format-preserving encryption, order-preserving encryption and tokenization.
Get an in-depth explanation of how Unbound uses MPC, a mathematically proven method to secure keys on any device.
HOW TO GO BEYOND BYOK WITH CYOK
Control Your Own Keys in the Cloud (CYOK) can ensure your sensitive assets remain secure even in the event of a breach.
UNBOUND KEY CONTROL
Learn how Unbound Key Control, the first secure-as-hardware key management system can protect your crypto keys anywhere.