A Hardware Security Module (HSM) is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. HSMs are hardened, tamper-resistant hardware devices that strengthen encryption practices by generating keys, encrypting and decrypting data, and creating and verifying digital signatures. Some hardware security modules (HSMs) are certified at various FIPS 140-2 Levels.

HSMs traditionally come in the form of a plug-in card (SAM/SIM card) or an external device that attaches directly to a computer or network server.

HSMs may have features that provide tamper evidence such as visible signs of tampering or logging and alerting, or tamper resistance which makes tampering difficult without making the HSM inoperable, or tamper responsiveness such as deleting keys upon tamper detection. Each module contains one or more secure cryptoprocessor chips to prevent tampering and bus probing, or a combination of chips in a module that is protected by the tamper evident, tamper resistant, or tamper responsive packaging.

A vast majority of existing HSMs are designed mainly to manage secret keys. Many HSM systems have means to securely back up the keys they handle outside of the HSM. Keys may be backed up in wrapped form and stored on a computer disk or other media, or externally using a secure portable device like a smart card or some other security token.

Because HSMs are often part of a mission-critical infrastructure such as a public key infrastructure (PKI) or online banking application, HSMs can typically be clustered for high availability and performance. Some HSMs feature dual power supplies and field replaceable components such as cooling fans to conform to the high-availability requirements of data center environments and to enable business continuity.

 

Related Products

Related Articles

HID Global Acquires DemoTeller

July 18th, 2019|

AUSTIN, Texas, July 18, 2016 -- HID Global®, a worldwide leader in secure identity solutions, today announced that it has acquired DemoTeller, a leading provider of instant issuance solutions for the financial market.  With this acquisition, HID Global is now able

Categories: Security
« Back to Glossary Index