HSM for Dummies
Apache Tomcat
TrueCrypt
Oracle Database
Also, different security applications (such as a Public Key Infrastructure (PKI)
application or card-management system) naturally provide the capability of linking
in an HSM using a defined interface.
We introduce the HSM Simulator in the appendix to this guide, there
we’ve included more information on integrating HSMs into different
applications in the form of integration guides.
Designing and Realizing Your Own API
This too is possible – ask your HSM supplier about the options. In some application
areas a clearly defined application-related interface is of major benefit compared
to a standard interface such as PKCS#11 or JCE. If the requirements you
have in your project include the following, and they’re important in your list of
critical success factors, you should be thinking seriously about designing your
own interface:
High speed in transaction processing
Auditing capability for HSM integration
Approval from experts
The connectivity of the HSM as part of an intrinsically self-contained system,
with no interfaces coming in from outside
But you need to exercise caution. Only seasoned experts should design
and implement a security API. Involving outside experts is also very
helpful.
26