自带密钥，让密钥尽在掌握

- Solutions
  - Strong Identities
    1. Identity Verification
      Enable high assurance identities that empower citizens.
    2. ID Issuance
      Issue safe, secure digital and physical IDs in high volumes or instantly.
    3. User Identity
      Elevate trust by protecting identities with a broad range of authenticators.
    4. Machine Identity
      Issue and manage strong machine identities to enable secure IoT and digital transformation.
    5. Digital Signature
      Use secure, verifiable signatures and seals for digital documents.
  - Secure Payments
    1. Financial Issuance
      Issue digital and physical financial identities and credentials instantly or at scale.
    2. Digital Card Solution
      Issue digital payment credentials directly to cardholders from your bank's mobile app.
  - Digital Infrastructure
    1. Database Security
      Secure databases with encryption, key management, and strong policy and access control.
    2. Multi-cloud Security
      Secure encryption keys, containers, and data across multi-cloud. environments.
- Industry
- Compliance
  - 1. PSD2
    2. HIPAA
    3. GDPR
  - 1. CMMC
    2. eIDAS
- Cloud Security, Encryption, and Key Management
  - Cloud Security Posture Management
  - Multi-Cloud Encryption
  - Key Management
- Digital Certificates
  - TLS/SSL Certificates
  - Qualified Certificates
  - Sales and Services
  - Verified Mark Certificate (VMC) for BIMI
    Show your official logo on email communications. Download our white paper to learn all you need to know about VMCs and the BIMI standard.
    Learn More
- Digital Signing
  - Digital Signing as a Service
    1. Signing Automation Service
    2. Remote Signing Service
  - Signing Certificates
  - Signing Servers
- Hardware Security Modules (HSM)
  - nShield HSMs
    1. nShield Connect
      Networked appliances that deliver cryptographic key services to distributed applications.
    2. nShield Edge
      Personal, USB-connected desktop HSMs.
    3. nShield Solo
      PCI-Express card-based HSMs.
    4. nShield as a Service
      Subscription-based access to dedicated nShield HSMs.
    5. nShield HSMi
  - nShield Software
  - Management and Monitoring
    1. nShield Monitor
    2. nShield Remote Administration
  - Compliance
    1. FIPS 140-2
    2. GDPR
    3. PSD2
    4. NIST 800-53 Fedramp
    5. Common Criteria
    6. eIDAS
    7. HIPAA
    8. PCI-DSS
    9. Americas
    10. EMEA
    11. APAC
    12. Global
  - Use Cases
  - 1. View All Use Cases
- Identity and Access Management (IAM)
  - Products
    1. Identity as a Service
      Cloud-Based IAM
    2. Identity Enterprise
      On-prem IAM
    3. Identity Essentials
      On-prem MFA solution for Windows users
  - Testimonials
  - Portfolio Capabilities
  - Workforce Identities
  - For Consumers and Citizens
- Public Key Infrastructure (PKI)
  - Products
  - Managed Services
- Central Issuance
  - Financial Cards
  - Government Cards
- Instant Issuance
  - Financial Cards
  - ID Cards
- Passport issuance
  - Passports
  - Try Our Passport Credential Builder
    Learn More
- Partners
  - Become an Entrust Partner
    Our partner programs can help you differentiate your business from the competition, increase revenues, and drive customer loyalty. Consider joining one or more of our Entrust partner programs and strategically position your company and brand in front of as many potential customers as possible.
    Learn More
  - Partner Directory
    Search for partners based on location, offerings, channel or technology alliance partners.
    Search for a Partner
  - Programs
  - Partner Logins
- Support & Services
  - Contact Support
  - TrustedCare
    Product downloads, technical support, marketing development funds.
    Learn More
  - Digital Security Knowledge Base
    Guides, white papers, installation help, FAQs and certificate services tools.
    Learn More
  - Issuance Systems Knowledge Base
    Technotes, product bulletins, user guides, product registration, error codes and more.
    Learn More
  - PKI Professional Services
  - Cryptographic Center of Excellence
    Construct best practices and define strategies that work across your unique IT environment.
    Learn More
  - Custom Cryptographic Solutions
    1. Code Signing
    2. HSM Application Integration
  - Product Deployment Services
  - Packaged Services
  - Training
- Resources
  - Issuance Systems Knowledge Base
    Technotes, product bulletins, user guides, product registration, error codes and more.
    Learn More
  - Digital Security Knowledge Base
    Guides, white papers, installation help, FAQs and certificate services tools.
    Learn More
- About Entrust
  - Securing a World in Motion Since 1969
    We’ve established secure connections across the planet and even into outer space. We’ve enabled reliable debit and credit card purchases with our card printing and issuance technologies. Protected international travel with our border control solutions. Created secure experiences on the internet with our SSL technologies. And safeguarded networks and devices with our suite of authentication products.
    Explore Our History
  - 1. Leadership
    2. Blog
    3. Careers
    4. Events
    5. Webinars
    6. Podcasts
    7. News Articles
    8. Press Releases
  - Cybersecurity Institute
    Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
    Learn More
- Shop
  - Entrust Certificate Services Portal
    Existing Entrust Certificate Services customers can login to issue and manage certificates or buy additional services.
    Learn More
  - Entrust Certificate Services Retail
    Shop for new single certificate purchases.
    Learn More
  - Entrust Certificate Services Partner Portal
    Existing partners can provision new customers and manage inventory.
    Learn More
  - Instant Financial Card Issuance Supplies
    1. Registered Customer Login
    2. Request Access
- Search Entrust
  - Search:

With nShield® Bring Your Own Key and Cloud Integration Option Pack, you bring your own keys to your cloud applications, whether you’re using Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure or Salesforce. Entrust nShield high-assurance HSMs let you continue to benefit from the flexibility and economy of cloud services while you strengthen the security of your key management practices and gain greater control over your keys.

Watch our Video, Bring Your Own Key with Entrust and Microsoft Azure, to see how nShield BYOK can strengthen your cloud key management practices.

“将密钥带入 Microsoft Azure”视频

下载我们的解决方案简介《nShield 自带密钥解决方案》，详细了解 nShield BYOK 如何帮助您获得更好的密钥可控性。

Entrust nShield HSM 自带密钥解决方案简介

Download our datasheet, to learn more about Entrust Double Key Encryption to extend control and security over your organization's most sensitive data.

Entrust Double Key Encryption for Microsoft Information Protection

Download our solution brief , to learn more about Entrust Hold Your Own Key to manage your most sensitive data within your own security perimeter with key management provided through an Entrust hardware security module (HSM).

Entrust Hold Your Own Key Solution Brief

优势

更安全的密钥管理

Entrust nShield BYOK 具备 FIPS 140-2 2 级和 3 级 nShield HSM 支持，为您采纳更加安全的密钥管理实践提供帮助，增强云中敏感数据的安全性。

更强大的密钥可控性

借助 Entrust nShield 自带密钥解决方案，您可以使用您专属的 Entrust nShield HSM 在您自己的环境中创建、存储密钥，并安全地将其迁移至云端。

更高级的密钥生成

Entrust nShield HSM 使用经认证的高熵随机数发生器来创建密钥，相较于通常在软件中生成的密钥质量更高。

规格

经认证的硬件信任根

Entrust nShield BYOK 以 nShield Edge、Solo 和 Connect HSM 为基础，所用 HSM 均已通过 FIPS 140-2 级和 3 级认证。该认证确保 Entrust nShield HSM（包括其防篡改功能）通过严格的标准测试。请参阅我们的产品页面，查看这些平台所遵守标准的完整列表。

适用于 Microsoft Azure 的 Entrust nShield BYOK

You can bring your own keys (BYOK) to your cloud applications. For Microsoft Azure, use the nShield Cloud Integration Option Pack to generate your keys on premises, and then securely transfer your keys to the Entrust nShield HSM running within the Azure infrastructure. With this approach, you get HSM-backed security at both ends. You can also store and manage your master keys in your on-premises Entrust nShield HSM.

适用于 AWS 和 GCP 的 nShield BYOK

如果您使用的是 AWS 或 GCP，您可以使用 nShield 云集成选项包在本地生成密钥，然后将其租赁给 AWS 或 GCP，以便在云环境中临时使用。超过预设时间段后，您在云环境中的密钥将被销毁。但您可以根据需要，再次租用存储在 HSM 中的密钥。

nShield BYOK for Salesforce

Using nShield Cloud Integration Option Pack allows you to import keys generated on an nShield HSM into Salesforce.

多云服务

Entrust nShield BYOK 允许您选择云服务提供商，并使用同一 HSM。无论您何时做出选择，您的本地 Entrust nShield HSM 都可以向您选择的任一云提供商发送密钥。