Namirial Qualified Trust Service
Ensuring the best possible resilience for our customers
As the number of online transactions and the use of digital certificates continues to increase, the Qualified Trust Service Providers must handle a large volume of certificate requests and other related operations. This could lead to performance issues, including slow response times and potential downtime.
Moreover, Certification Authorities are exposed to cyber-attacks, system failures, and natural disasters, among other risks. In the event of such incidents, customers could be left without access to critical services, compromising their security and trust.
Continuous improvement and failover mechanisms ensure that a CA infrastructure can quickly and effectively recover from such incidents, mitigating the risks of downtime and data breaches.
At Namirial, the continuous improvement of our Certification Authority infrastructure is crucial for:
- providing customers with the highest level of security and reliability.
- ensuring that our services are always secure and available.
Continuing in this direction, Namirial has decided to double up its efforts and create a second Qualified Certification Authority, completely equivalent to the current CA – which already uses a traditional business continuity model based on a primary and secondary data center – to be able to handle even the most critical events.
Namirial will have two distinct QTSP, both present in the European Trusted Service List, based in different data centers, for both primary and disaster recovery.
In particular, the primary site of the existing Namirial CA is in Milan, with the disaster recovery system installed in Senigallia. The new Namirial CA will have its primary site in Barcelona, while the disaster recovery system in Naples.
Architecture of the load balancing solution
The provision of the Namirial QTSPs services is based on a central component called ‘WAF‘. This service is part of the Namirial infrastructure and acts as unique interface for the services of all our customers, handling the secure communication and a smart dispatching logic for the incoming requests. The WAF makes the use of our new architecture completely transparent to our customer, with no need of any change or integrations to use it.
The architecture has been designed to minimize the impact on the external stakeholders. The WAF interface makes the full certificate issuance process and its usage identical to what used to be, independently from which of the CAs will be the provider of the certificates. The second Certification Authority will be mainly used to implement a load balancing and fallback mechanism, in the event of unavailability of the other CA.
This second Namirial CA is built on the modern PKI as a service paradigm, one of the solutions offered by Uanataca S.A., belonging to the Namirial Group. Uanataca is a Qualified Trust Services Provider (eIDAS) in Europe and Latin America, which has created the innovative offering known as PKI as a Service (PKIaaS), providing its infrastructure, cloud-based services, business process consulting, together with legal and security procedures, to help our customers become a QTSP.
Through its modern PKI as a Service, Uanataca provides PKI hosting services, issuance and management of digital certificates, centralized custody of certificates and automatic and interactive electronic signature to Trust Service Providers such as Namirial itself. Certificates issuance, digital signature and time stamping services, offered by this second CA, will be made available, when necessary, by the WAF component, leaving the interface offered to the customers unmodified and uniform. This has been done to guarantee maximum continuity of services and enable the customer to cope with overload, incidents and total or partial service interruptions and to ensure the continuous operation of critical business processes and required trust services.
Benefits of the architecture
Are you inspired? Contact us!
Do you want to know what we can do for you? Do you want to ask for a quotation?
Please, feel free to send us a message compiling the following form.
All fields are required except where indicated.