Building secure applications for self-custody wallets with IBM

Ahead of the upcoming IBM Z Day virtual conference on next-gen innovations, we’re excited to reveal an update about our collaboration with IBM. 

UKISS Technology has been privileged to access IBM’s trusted facilities and resources since becoming one of the selected few chosen for the IBM Hyper Accelerator Program in September 2022. The program kick-started a year after UKISS Technology began developing a suite of safe and simple tools to promote the self-custody of digital assets. 

These include the phrase-free Hugware wallet, which stores the private keys of digital assets in an offline device and synchronizes them in a backup wallet. We also develop a host of applications that complement the safety of the Hugware wallet, such as U-Mint, which allows our customers to claim a non-fungible token (NFT) that had been linked to their Hugware serial number, and UKISSCerts, which allows customers to verify the authenticity of their device. Each Certificate of Authenticity, recorded on the Ethereum blockchain, is issued by UKISS Technology and contains a unique serial number that can be used to track the device’s origin.  

Security must play a significant role in our product design and development. With widespread cybersecurity concerns in the Web3 space, the safety of digital assets is paramount to establishing trust among our customers. 

Building in secure environments

Hugware-related applications are built in a safe and secure environment. One of the ways we achieve this is through a robust Key Management System (KMS), a containerized application that UKISS Technology uses to secure cryptographic keys.

With KMS, our developers can protect our U-Mint and UKISSCerts applications from unauthorized access and data leakage, as both applications involve managing important data such as Hugware device serial numbers and NFT metadata. The stored information excludes details of wallet private keys and public key addresses as these are only generated by the Hugware customers upon initialization and wallet setup. 

To better secure the application environment, we regulate access to the applications’ back-end portals by implementing role-based access and distributed access privileges. The UKISSCerts application is also built upon the TradeTrust open-sourced framework developed by Singapore’s Infocomm Media Development Authority.

Enhancing security with IBM Hyper Protect

Working with credible institutions such as IBM contributes greatly to the security of our developments. IBM Hyper Protect runs on FIPS 140–2 Level 4 certified hardware, which provides the highest level of data protection in the cloud. 

Hosting our KMS on the IBM Hyper Protect Virtual Servers will enhance the security of U-Mint and UKISSCerts. This established facility also has confidential computing capabilities, enabling UKISS Technology developers to operate the applications in isolation and on a zero-trust basis. 

Furthermore, Hyper Protect Virtual Servers apply secure boot, which ensures that only trusted software can be loaded onto the system, and trusted execution environment, or TEE, which can be used to run sensitive applications in a secure environment. The servers are also based on IBM Z, one of the world’s most secure platforms. 

We are grateful for the opportunity to be a part of the IBM Hyper Accelerator Program and look forward to continuing to work with IBM to develop cutting-edge solutions.

分享这个帖子