Development Requirements
| Encryption | Decryption | Administration |
|---|---|---|
| Create an instance of a Agent | Create an instance of a Agent | Create an instance of an administration component |
| Create a connection to the kS or the Remote Engine | Create a connection to the kS or the Remote Engine | Create a connection to the kS or the Remote Engine |
| Provide appropriate credentials for authentication | Provide appropriate credentials for authentication | Provide appropriate credentials for authentication |
| Prepare data to be encrypted | Prepare encrypted data to be decrypted together with its previously assigned T-tag | Prepare the necessary data sets |
| Submit the data to the Engine | Submit the data to the Engine | Submit an administrative request to the Engine |
| Close the connection after the data has been encrypted | Close the connection after the data has been decrypted | Close the connection after the administrative data has been modified |
| Store the encrypted data and its T-tags on a client machine | Store the data on a client machine |
As a result of every encryption key request call, a unique T-tag (aka a hidden link) will be returned. The T-tag functions as an encryption receipt, and it must accompany a later request for a key to decrypt the data. If its T-tag is lost, the encrypted data cannot be decrypted.
Pre-Development Decisions
There should be a clear understanding of what information needs to be protected as part of a comprehensive study of the enterprise security.
What architecture version of the Agent should you use: Java, C++ or C? – The answer to this question is ultimately determined by the type of an application that is going to use the kS's cryptographic services.
What method of authentication are available? -- Pi Soft offers username/password (SRP) authentication, certificate authentication, Trusted Components (code-access authentication), and — build-dependent — LDAP (Kerberos) directory authentication.