Cloud HSM: Difference between revisions
From Cramsession
Jump to navigationJump to search
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
| Line 30: | Line 30: | ||
* Managed by AWS. | * Managed by AWS. | ||
* Integrates with AWS services. | * Integrates with AWS services. | ||
= Cloud HSM Use cases = | |||
* Key management in tamper resistant hardware. | |||
* Curtail in PKI systems. | |||
* Digital rights management - copyright laws. | |||
* Code signing. | |||
* High security applications. | |||
Revision as of 23:11, 4 June 2025
Overview
- This is a managed services for data encryption.
- HSM = Hardware Security Module [1]
- Validated to FIPS 140-2 Level 3
- Generate encryption keys
A cloud HSM is a custom keystore.
- Allows the storage of keys outside the KMS in side the CloudHSM cluster.
- Useful if the key material cannot be stored in a shared environment.
Cloud HSM is deployed as a cluster:
- The default size is 6 per account per region.
- Cloud HSM manages key synchronizations for you.
Cloud HSM features
- High availability.
- Load balancing.
- Replication.
- Scaling.
- Managed by AWS.
- Integrates with AWS services.
Cloud HSM Use cases
- Key management in tamper resistant hardware.
- Curtail in PKI systems.
- Digital rights management - copyright laws.
- Code signing.
- High security applications.
