Skip to topic | Skip to bottom

Main

Main.HSMOverviewr1.8 - 27 Jan 2011 - 10:46 - JimBasneytopic end

Start of topic | Skip to actions

Hardware Security Module (HSM) Information

FIPS 140 Level 2

Required by the SLCS authentication profile.

HSM Features required by profile

Device must show tamper evidence, so that tamper evident protection must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module to protect against unauthorized physical access.
Role-based authentication in which a cryptographic module authenticates the authorization of an operator to assume a specific role and perform a corresponding set of services.
The private key stored on the HSM should not be exportable in plaintext form.

Devices rated at FIPS 140 level 2

Aladdin eToken Pro (http://www.aladdin.com/etoken/devices/default.aspx)

FIPS 140 Level 3

Required by the Classic and MICS authentication profiles.

HSM Features required by profile

Devices rated at FIPS 140 level 3

Thales (nCipher) netHSM (http://iss.thalesgroup.com/en/Products/Hardware%20Security%20Modules/netHSM.aspx)
SafeNet Luna SA (http://www.safenet-inc.com/products/pki/lunaSA.asp)
SafeNet Luna PCI (http://www.safenet-inc.com/products/pki/lunaPCI.asp)
SafeNet ProtectServer External (http://www.safenet-inc.com/products/pki/psext.asp)

TAGPMA HSM Services

Dhiva offers the DOEGrids netHSMs for use by other TAGPMA CAs. Contact dhiva@es.net for details.

References

End of topic
Skip to action links | Back to top

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.8 | > | r1.7 | > | r1.6 | Total page history | Backlinks

You are here: Main > HSMOverview

to top

Copyright © 1999-2012 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback