Cryptographic Architecture

A hardware-based cryptographic system consists of three general components:

>One or more hardware security modules (HSMs) for key processing and storage.

>High-level cryptographic API software. This software uses the HSM's cryptographic capabilities to provide security services to applications.

>Access provider software to allow communication between the API software and the HSMs.

Operating in network mode, a standalone SafeNet ProtectServer Network HSM can provide key processing and storage.

In network mode, access provider software is installed on the machine hosting the cryptographic API software. The access provider allows communication between the API and the SafeNet ProtectServer Network HSM over a TCP/IP connection. The HSM can therefore be located remotely, improving the security of cryptographic key data

The figure below depicts a cryptographic service provider using the SafeNet ProtectServer Network HSM in network mode.

Figure 1: SafeNet ProtectServer Network HSM implementation


Customer Support Portal

SafeNet ProtectToolkit 5.7 Product Documentation  08 January 2020  Copyright 2009-2020 Gemalto. All rights reserved.