Some good information/links on HSM and related technologies
https://en.wikipedia.org/wiki/Hardware_security_module
Safenet Luna, which is one of the popular HSMs in the market : http://cloudhsm-safenet-docs-5.3.s3-website-us-east-1.amazonaws.com/007-011136-006_lunasa_5-3_webhelp_rev-c/startpage.htm#disclaimer.htm%3FTocPath%3D_____1
Cloud HSM (Based on Safenet Luna) : https://aws.amazon.com/cloudhsm/
Very good blog entry on mapping OpenSSL with HSMs using OpenSSL PKCS11 engine interface : http://blog.go-lan.net/connect-a-hardware-security-module-to-openssl/. More details on actual steps with an example can be found here: http://blog.go-lan.net/openssl-hsm-integration/
One more resource describing the OpenSSL integration : https://nlnetlabs.nl/downloads/publications/hsm/hsm.pdf One more place to get the same document: http://www.dnssec.cz/files/nic/doc/hsm.pdf
PKCS11 standard : ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
Openstack Barbican provides key management functionality and it can be enhanced to use HSM internally. More informationc an be found at : https://wiki.openstack.org/wiki/Barbican
https://en.wikipedia.org/wiki/Hardware_security_module
Safenet Luna, which is one of the popular HSMs in the market : http://cloudhsm-safenet-docs-5.3.s3-website-us-east-1.amazonaws.com/007-011136-006_lunasa_5-3_webhelp_rev-c/startpage.htm#disclaimer.htm%3FTocPath%3D_____1
Cloud HSM (Based on Safenet Luna) : https://aws.amazon.com/cloudhsm/
Very good blog entry on mapping OpenSSL with HSMs using OpenSSL PKCS11 engine interface : http://blog.go-lan.net/connect-a-hardware-security-module-to-openssl/. More details on actual steps with an example can be found here: http://blog.go-lan.net/openssl-hsm-integration/
One more resource describing the OpenSSL integration : https://nlnetlabs.nl/downloads/publications/hsm/hsm.pdf One more place to get the same document: http://www.dnssec.cz/files/nic/doc/hsm.pdf
PKCS11 standard : ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
Openstack Barbican provides key management functionality and it can be enhanced to use HSM internally. More informationc an be found at : https://wiki.openstack.org/wiki/Barbican
No comments:
Post a Comment