HSM for Dummies
HSM Formats
The classic format of an HSM is certainly the plug-in card. This is essentially an
adapter card via which the secured computer unit enables the connection to the
host computer, and that simultaneously activates the secured area of the hardware
module. Figure 2.1 shows different variants of HSMs that we explain in
more detail further on.
Figure 2.1: Hardware security module formats
Another widespread HSM format is the network appliance, or server variant.
This is essentially an HSM activated directly using TCP/IP, so the host computer
can link it directly into a network.
Can you see the benefits of the plug-in card over the server variant?
The card is the product of choice when the requirement is a one-toone
relationship between the application and the trust anchor (HSM).
The network appliance is the preferred form factor for use in data centers
where it operates as the root of trust for distributed applications.
16
