User's Guide: Getting Started with Fortanix Data Security Manager - UI

Sign up for Fortanix Data Security Manager

To get started with Fortanix Data Security Manager (DSM) cloud service, you first need to sign up at https://sdkms.fortanix.com.

Create an account

Use your credentials to log in to Fortanix DSM. Here you can create a new account, or accept an invitation to join another account. After entering an account, you can view and manage groups, users, applications, and security objects belonging to the account.

If you have a newly-created account, use the following steps to add your first group and application to Fortanix DSM.

For details on how to delete or disable an account click here.

Add a group

mceclip0.png

A group is a collection of security objects created by and accessible by users and applications which belong to the group. The user who creates a group automatically gets assigned the role of the group administrator. You can add more users to the group in the role of administrators or auditors. You can also add applications to the group to enable the applications to create and use security objects in that group.

To add a group, you may specify:

  • The title of the group (required).
  • A short description for the group (required).
  • Users in your account as members.
  • Applications in your account to add to the group so that they can use the security objects in the group.
  • Add a quorum approval policy (optional).  A group administrator may enable a quorum approval policy on a group, which mandates that all security-sensitive operations in that group would require a quorum approval.

Add an application

mceclip3.png

An application can use Fortanix DSM to generate, store, and use security objects, such as cryptographic keys, certificates, or an arbitrary secret. Examples of applications include web servers, PKI servers, key vaults, etc. An application can interact with Fortanix DSM using the REST APIs or using the PKCS#11, JCE, or CNG providers.

To add an application, you may specify:

  • Name of the application (required).
  • Type of the application. You can either choose from one of the types of application supported and tested by Fortanix DSM (e.g, NGINX, Apache, etc.), or leave this empty if adding a custom application.
  • A short description of the application.
  • Optionally, a certificate to authenticate the application. If no certificate is provided, Fortanix DSM will generate an API key that the application can use for authentication.
  • The group(s) to which the application belongs.

Once the application has been added, you can use either the API key or the certificate to authenticate the application to Fortanix DSM and start making calls to do cryptographic operations.

Using Fortanix Data Security Manager from an application

Documentation for the Fortanix DSM APIs is available at https://www.fortanix.com/api. An application can either call them directly or use them through the following clients available for download at Fortanix Data Security Manager Resources:

Was this article helpful?
0 out of 0 found this helpful