Glossary
- AES
-
Advanced Encryption Standard (AES)
- HES
-
Head end system
- MDM
-
Meter Data-Management
- HSM
-
Hardware Security Module
- HSM-Admin
-
Specific admins responsible for managing the HSM using the utilities provided by the HSM manufacturer.
- KEK
-
Key-Encryption-Key. Used to encrypt the tenant’s key material in the KMS database.
- KMS
-
Key management system. Software platform that provides communication and certificate management services to an external tenant.
- KMIP
-
Key Management Interoperability Protocol
- KMS-Admin (KMS-Administrator)
-
The KMS platform administrators are responsible for managing the KMS-Tenants, HSM, Tenant-HSM-Profiles.
- KMS-Tenant
-
A logical entity in the KMS platform separating the managed key material in own domains.
- KMS-Tenant operators
-
The tenant operators are responsible for managing their own tenant configuration, e.g. Client-Users, Key-material generated/stored on the HSM. Key-Material can be KMS-Tenant-KEKs or general tenant keys (e.g. for shipment file decryption).
- KMS-Tenant-Client
-
Client, which uses the KMS-Webservices (KMIP-API) on behalf of the tenant.
- KMS-Tenant-Client user
-
Login account of the KMS-Tenant-Client defining the client’s name and credentials for accessing the Webservices (KMS-KMIP).
- KMS-Admin
-
The KMS-Admin is the UI used by the KMS-Admin for general management of the MTG KMS platform.
- KMS-Tenant
-
The KMS-Tenant is the UI used by the KMS-Tenant operators for managing its own tenant configurations.
- KMS-Webservices (KMIP-API)
-
The Webservice KMIP-API is accessed by the tenant’s Client users (i.e. the tenant’s applications). Tenant-HSM-Profiles |Stores the tenant’s credentials to access the HSM.
- Tenant-HSM-Profiles
-
Stores the tenant’s credentials to access the HSM.