Server Hardware for RFC3161 time stamps

Strong evidence for data authentication

SecureTime^SM Server

DigiStamp's production-proven servers are now available for purchase. DigiStamp began in 1998 as an Internet-based time stamp service. Using our client software and an Internet connection, customers could request a time stamp from one of our SecureTime Servers. Recently, customers have requested that we provide the option of the customer hosting the SecureTime Server.


	Table of Contents: Who uses the SecureTime Server. The security design for the trust model. A reliable and scalable solution. The valuable support from DigiStamp. The server includes tools for integrating time stamps within your organization. The pricing options to fit your needs.

There are two types of customers that benefit from the new hardware option:

High-volume customers that need dedicated capacity for their internal requests for time stamps. When our customer routinely uses about 1 per second, then the in-house SecureTime Server can become a cost-effective alternative to DigiStamp's Internet-based solution.
Organizations or government agencies that want to establish themselves as a time stamp authority. In this situation, our customer wants to establish a regional time stamp authority that has local customer support and a regional focus to the time stamp service. DigiStamp provides all the software, hardware and processes to quickly establish this new time stamp authority with a distributor agreement and a defined region.

The DigiStamp service (hardware, software, and processes) has proven itself by providing reliable service for the past 5 years to thousands of customers, creating millions of time stamps.

SECURITY for the trust model

The SecureTime Server comes with the hardware-based security that a time stamp authority demands. The same lock down and audit procedure has been performed on this device as described here:

A hardware security module (HSM), which is NIST certified, stores the private key, clock and performs the crypto-functions. The tamper-detection mechanisms destroy the private key if attempts are made to discover the key. Read more about the IBM 4758 Cryptographic Coprocessor here.
The HSM is preconfigured by DigiStamp to provide time stamps. All other interfaces have been disabled. The time stamps are implemented as specified by the IETF PKIX Time Stamp Protocol (RFC 3161). The signatures use RSA and a 2048-bit key length.
The clock is inside the HSM and has been set and cannot be adjusted beyond minor updates for clock drift. A software process synchronizes with recognized sources, and DigiStamp remotely audits the clock drift adjustments.
The private signing key is initialized inside the HSM in a "no export" manner so that neither you nor DigiStamp can ever see the private key. The private key and clock are bound together in the HSM when initialized.

RELIABLE and SCALABLE

There are three approaches to increasing capacity and managing system or communication outages:

The DigiStamp Internet-based service can be a backup to your operations. For example, given an Internet outage at your facility, clients could automatically begin using the DigiStamp set of server locations.
Install multiple, independent SecureTime Servers – potentially separate locations. The client toolkits from DigiStamp include the fail-over logic if a location is unavailable.
A cluster of multiple servers is installed using a model for fail-over and a round-robin load delegation.

SUPPORT from DigiStamp

Customers can begin by using our Internet-based time stamp service with our API toolkits and Desktop application. When their business use grows, they can install the SecureTime Server in-house and centrally configure their current users' software to access the new server.

SecureTime Server includes a web-based configuration and monitoring interface. The server has alerts for your operation's support if internal errors were to occur.

DigiStamp's audit service supplements the SecureTime Server with an external party to the clock-synchronization operations and HSM status.

TOOLS for integration

Customers purchasing the SecureTime Server can also distribute the IP-Protector Desktop software and the SecureTime API toolkits. Distribution rights will be limited to within the corporation that purchased the SecureTime Server.

Pricing options

HSM with the Application server software installed and configured with hosting hardware.¹	$35,000
Support and annual maintenance fee. First year is included.²	$4,500/year
Licensed copies of SecureTime API toolkit for Java	No charge
Licensed copies of SecureTime API toolkit for C/C++	No charge
(optional) DigiStamp failover access priced based on capacity. This would be a feature for your disaster recovery plans.	One-time setup fee $1,000. Annual fee of $1,000 per capacity increment of 1 transaction per 5 seconds. Actual fail over events are charged at the regular pricing plan starting at pricing level 4.
(optional) Support upgrade to include a guarantee for next day shipment of replacement.	$2000/year

All prices are in US Dollars.

¹ An 2U, rack-mounted network appliance. Optional hardware choices are available based on customer specifications.

² Installation requires an outbound Internet connection for clock synchronization events. Extended Support can be purchased within 90 days of original equipment purchase.

The SecureTime server and the DigiStamp software that it contains is licensed for use within a single organization and does not include distribution rights to the general public, for reselling the time stamp service or for reselling the device.

Secure Time Application Server Software provides these host functions:

- HTTP session managed by the application server software
- Java to HSM integration using IBM Common Cryptographic Architecture software
- Runs on a MS Windows 2000 operating system.

A one-year limited warranty on hardware purchased from DigiStamp. The HSM has handling, operational and environmental requirments related to tamper detection mechanisms. The warranty does not include if a tamper event is detected by the HSM. DigiStamp can supply used hardware that has been used for extended tests or within DigiStamp operations.