Home  » Products  » KSG
KSG™ KMIP Server Gateway
KSG™ enables your applications to use the OASIS KMIP protocol to access HSM functions. HSMs must provide an OASIS PKCS#11 API.
  • Royalty Free License
  • Available for Windows™ | Linux™ 64bit Platforms
Please contact our sales team if you have any questions.
The KSG™ is a special purpose KMIP Server application that sits in front of existing HSMs (Hardware Security Modules). It provides an OASIS KMIP protocol interface to existing HSMs by translating KMIP protocol requests to PKCS#11 and then translating the PKCS#11 responses back into KMIP.
The possible KMIP operations that are supported via KSG depend upon the limitations of the backend HSMs.
  • OASIS KMIP 1.0, 1.1, 1.2, 1.3, 1.4, 2.0 standards
  • Full Implementation Supports HTTPS, TTLV, XML and JSON message encodings.
  • Extensive Protocol Logging (TTLV, XML and JSON)
  • Standards Compliant (see the Standards and Conformance tabs)
  • Supports most commercially available HSMs

Supported Platforms

KSG™ is available for the following platforms:

  • Windows 10 (64bit), Windows Server 2016+ (64bit)
  • Linux x86 Kernel 2.6+ (64bit)

Current Documentation

KSG 2020.1 Developers Guide
KSG 2018.1 Developers Guide
KSG follows the standards defined in these documents.
The OASIS Key management Interoperability Protocol (KMIP) defines a single, comprehensive protocol for communication between encryption systems and a broad range of new and legacy enterprise applications, including email, databases, and storage devices. Go to OASIS Key Management Interoperability Protocol (KMIP) Technical Committee to learn more about the KMIP standard.
OASIS PKCS #11 is a standard for cryptographic tokens controlling authentication information (personal identity, cryptographic keys, certificates, digital signatures, biometric data). Go to OASIS PKCS #11 Technical Committee to learn more about the PKCS #11 standard.

Standards Reference Documents

KMIP 1.0 Specification, OASIS Standard, 01 Oct 2010
KMIP 1.0 Profiles Specification, OASIS Standard, 01 Oct 2010
KMIP 1.1 Specification, OASIS Standard, 24 Jan 2013
KMIP 1.1 Profiles Specification, OASIS Standard, 24 Jan 2013
KMIP 1.2 Specification, OASIS Standard, 19 May 2015
KMIP 1.2 Profiles Specification, OASIS Standard, 19 May 2015
KMIP 1.3 Specification, OASIS Standard, 27 Dec 2016
KMIP 1.3 Profiles Specification, OASIS Standard, 27 Dec 2016
KMIP 1.3 Usage Guide, Committee Note Draft 01, 03 Dec 2015
KMIP 1.4 Specification, Committee Specification Draft 01, 09 March 2017
KMIP 1.4 Profiles Specification, Committee Specification Draft 01, 30 March 2017
KMIP 2.0 Specification, OASIS Standard, 31 October 2019
KMIP 2.0 Profiles Specification, OASIS Standard, 31 October 2019
KMIP 2.0 Test Cases, Committee Note01, 24 October2019
KMIP 2.1 Specification, Committee Specification Draft01, 12 December2019
KMIP 2.1 Profiles Specification, Committee Specification Draft 02 /Public Review Draft 01, 06 February 2020
PKCS#11 Cryptographic Token Interface Base Specification Version 2.40, OASIS Standard, 14 April 2015
PKCS#11 Cryptographic Token Interface Current Mechanisms Specification Version 2.40, Committee Specification 01, 16 Sept 2014
PKCS#11 Cryptographic Token Interface Historical Mechanisms Specification Version 2.40
PKCS#11 Cryptographic Token Interface Profiles Version 2.40, OASIS Standard, 14 April 2015
PKCS#11 Cryptographic Token Interface Usage Guide Version 2.40, Committee Note 02, 16 Nov 2014
PKCS#11 Cryptographic Token Interface Base Specification Version 2.40 Errata 01, 13 May 2016
PKCS#11 Cryptographic Token Interface Base Specification Version 3.0
PKCS#11 Cryptographic Token Interface Profiles Version 3.0
PKCS#11 Cryptographic Token Interface Current Mechanisms Specification Version 3.0

Licensing and Upgrades


"Deploy Anywhere License"™ Highlights

  • One license covers all platforms. No need to purchase a license for each platform.
  • Site licenses are also available.
  • Contact Sales for licensing options.