ID Quantique Revolutionizes Quantum Security with a Scalable Hybrid API on AWS

ID Quantique (IDQ), based in the heart of Geneva, Switzerland, positions itself as an innovative leader in the field of quantum security. Specializing in the development of Quantum Key Distribution (QKD) systems, quantum-safe network encryption, single-photon counters, and hardware random number generators, IDQ stands out for its cutting-edge expertise and significant contributions to the advancement of quantum technology.

In the rapidly evolving field of digital security, ID Quantique identified a critical need to develop an Internet API that is scalable and highly secure, while minimizing maintenance efforts. This API needed not only to integrate services hosted on ID Quantique’s own infrastructure, previously accessible only via a private network, but also to ensure effective protection against illegitimate traffic. Furthermore, from a budgetary perspective, ID Quantique aimed to adopt a flexible pricing model, aligning the solution’s costs with its actual usage. This approach was part of a broader strategy to modernize and further secure its operations while optimizing costs and operational efficiency.

“Develop a scalable and highly secure Internet API while minimizing maintenance efforts.”

“Ensure protection against illegitimate traffic while maintaining continuous access to ID Quantique’s internal services.”

“Implement a hybrid network solution for seamless and redundant network interconnection with ID Quantique’s infrastructure.”

“Adopt a flexible ‘pay-as-you-consume’ pricing model, aligning solution costs with actual usage.”

We developed an innovative solution tailored to the unique challenges of ID Quantique. Our approach involved creating a hybrid cloud anchored by a state-of-the-art API Gateway, connected to a Virtual Private Cloud (VPC). This setup provided seamless VPN connectivity to ID Quantique’s premises, ensuring a smooth network interconnection while guaranteeing redundancy through the dual tunnel feature of the AWS VPN solution.

At the core of this solution are several robust protective mechanisms for the API, including:

  1. A Web Application Firewall to guard against online threats.
  2. Throttling to control and manage network traffic.
  3. The use of API Keys for secure authentication and authorization.

All these components were deployed using the AWS SAM framework, allowing for seamless integration into ID Quantique’s software supply chain. This integration facilitated automated deployment and easy maintenance as the code evolved. Necessary public certificates were provisioned and managed using AWS Certificate Manager (ACM).

The entire implementation is stateless, leveraging the scalability offered by AWS services. This serverless and managed services architecture enables ID Quantique to benefit from nearly zero additional IT maintenance. The serverless approach also ensures a highly scalable solution, confirmed by load tests, while keeping operational costs to a minimum.

Thanks to this solution, ID Quantique now enjoys a robust and scalable platform, ready to support its operations for many years to come. The defined alarms also allow the company to measure the latency of its internal APIs, providing additional insights that were not available before this implementation.