
HSM_for_Dummies

Standards and Norms

All these issues and requirements, particularly in the area of physical protection, are detailed in ISO 19790 from 2012. This standard contains the definition of the ‘cryptographic module’ device. In it you can find a very good definition of the different security levels and their objectives, along with a detailed description of the requirements for hardware protection and software measures. It also provides a comprehensive requirement analysis of the permissions-and-roles model of an HSM.

The second HSM standard we’d like to introduce to you is ISO 24759. This is the test requirement for cryptographic modules corresponding to standard ISO 19790.

Conclusion

You’ve seen in this section which design principles, security requirements and physical protection measures are deployed for HSMs. We’ve also briefly introduced the current standards for HSMs. These fundamental definitions also appear in the different certification schemes, such as FIPS and Common Criteria. Please head to Section 4 for more information.

