A hardware security module (HSM) is a physical computing device that safeguards and manages secrets (most importantly digital keys), performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.
a smartcard or some other security token. HSMs are used for real-time authorization and authentication in critical infrastructure and are therefore typically engineered to support standard high-availability models, including clustering, automated failover, and redundant field-replaceable components. A few of the HSMs available in the market have the capability to execute specially developed modules within
a combination of chips in a module that is protected by tamper-evident, tamper-resistant, or tamper-responsive packaging. The vast majority of existing HSMs are designed mainly to manage secret keys. Many HSM systems have means to securely back up the keys they handle outside of the HSM. Keys may be backed up in wrapped form and stored on a computer disk or other media, or externally using a secure portable device like
is becoming increasingly important. An increasing number of registries use HSMs to store the key material that is used to sign large zone files. OpenDNSSEC is an open-source tool that manages signing DNS zone files. On January 27, 2007, ICANN and Verisign, with support from the U.S. Department of Commerce, started deploying DNSSEC for DNS root zones. Root signature details can be found on
HSMs may have features that provide tamper evidence, such as visible signs of tampering or logging and alerting; tamper resistance, which makes tampering difficult without rendering the HSM inoperable; or tamper responsiveness, such as deleting keys upon tamper detection. Each module contains one or more secure cryptoprocessor chips to prevent tampering and bus probing, or
the 3rd version, often referred to as FIPS 140-3). Although the highest level of FIPS 140 security certification attainable is Security Level 4, most HSMs have Level 3 certification. In the Common Criteria system the highest EAL (Evaluation Assurance Level) is EAL7; most HSMs have EAL4+ certification. When used in financial payments applications, the security of an HSM is often validated against
the HSM requirements defined by the Payment Card Industry Security Standards Council. A hardware security module can be employed in any application that uses digital keys. Typically, the keys would be of high value, meaning there would be a significant negative impact to the owner of the key if it were compromised. The functions of an HSM are: HSMs are also deployed to manage transparent data encryption keys for databases and keys for storage devices such as disk or tape. Some HSM systems are also hardware cryptographic accelerators. They usually cannot beat
the HSM's secure enclosure. Such an ability is useful, for example, in cases where special algorithms or business logic have to be executed in a secured and controlled environment. The modules can be developed in native C, .NET, Java, or other programming languages. Due to the critical role they play in securing applications and infrastructure, general-purpose HSMs and/or their cryptographic modules are typically certified according to internationally recognized standards such as Common Criteria (e.g. using Protection Profile EN 419 221-5, "Cryptographic Module for Trust Services") or FIPS 140 (currently
HSMs may be used by certification authorities (CAs) and registration authorities (RAs) to generate, store, and handle asymmetric key pairs. In these cases, there are some fundamental features a device must have, namely: On the other hand, device performance in a PKI environment is generally less important, in both online and offline operations, as Registration Authority procedures represent
the banking market are the Payment Card Industry Security Standards Council, ANS X9, and ISO. Performance-critical applications that have to use HTTPS (SSL/TLS) can benefit from the use of an SSL Acceleration HSM by moving the RSA operations, which typically require several large-integer multiplications, from the host CPU to the HSM device. Typical HSM devices can perform about 1 to 10,000 1024-bit RSA operations/second. Some performance at longer key sizes
the performance bottleneck of the infrastructure. Specialized HSMs are used in the payment card industry. These HSMs support both general-purpose functions and the specialized functions required to process transactions and comply with industry standards. They normally do not feature a standard API. Typical applications are transaction authorization and payment card personalization, requiring functions such as: The major organizations that produce and maintain standards for HSMs on
the performance of hardware-only solutions for symmetric key operations. However, with performance ranging from 1 to 10,000 1024-bit RSA signatures per second, HSMs can provide significant CPU offload for asymmetric key operations. Since the National Institute of Standards and Technology (NIST) has recommended the use of 2,048-bit RSA keys from the year 2010, performance at longer key sizes has become more important. To address this issue, most HSMs now support elliptic curve cryptography (ECC), which delivers stronger encryption with shorter key lengths. In PKI environments,