QuKee
Managing Quantum Key Distribution networks with secure, interoperable and AI-driven key services
General Information
Quantum key distribution management system
QuKee is a multi-vendor, vendor-agnostic system for quantum key distribution networks that provides centralized management of multiple links between QKD modules.
Its interoperability relies on the ETSI QKD 020 protocol, HSM integration via PKCS#11, and secure gRPC/TLS 1.3 communication. From a security standpoint, it incorporates secure key storage, hybrid quantum key exchange, secure boot, and role-based administration, among many other features. It also supports advanced features like AI integration and SLA-based policies to ensure effective key-delivery service.
- Multi-vendor agnostic, supports QKD native systems through ETSI 014 / 004 or custom plugins upon agreement with QKD vendor.
- Centralized policy driven. Policies are defined in the key manager central service component and delivered to the KMs associated to Tx(s) / Rx(s) in a seamless way.
- The KM central service component can handle as many links as needed between KM associated with QKD modules, only constrained by deployment architecture limitations.
- Deployment based on Linux OS and container technology with docker and docker compose.
- Observability with OpenObserve and OpenTelemetry collector for enhanced real time monitoring.
- Supports SNMPv3.
- Inter KM communication between different QKD modules based on ETSI QKD 020 KM interoperability protocol.
- Integration with HSM via PKCS#11.
- All communications channels are based upon gRPC and secured through TLSv1.3.
- Full HSM integration for cryptographic engine and secure key storage.
- Quantum safe involving hybrid key exchange between key managers following ETSI TS 103 744 specification document for KM internal data protection.
- Internal PKI for securing internal subsystems communication channels and role management.
- Secure self-booting system.
- Role based administration.
- Integration with IA engines for improved behavior and support for system operators.
- SLA policy driven to enforce compliance with key delivery service through multiple applications.