The Interface:
The Key to the Application
3 In This Chapter
Which interfaces exist today for HSMs
The purpose of each interface
We’re all familiar with the logical software interfaces in IT. Taking a look at
an HSM means being faced with different interfaces for which the diverse
array of applications and operating systems is designed. Looking at application
interfaces (hereafter called APIs) from the viewpoint of the HSM means identifying
three APIs that are essentially logically independent:
Figure 3.1: Logical software interfaces of an HSM
Key Management API:
This API is the channel to the HSM for running all administrative functions
pertaining to keys. These functions include, for example, the secured key
backup and restore of key data in the HSM, and transport key generation.
Command API:
This is the API to the HSM for accessing the cryptographic functions of the
HSM. Also included are advanced functions such as key generation and the
import/export of key records.
21
