HSM for electronic seal
For those developing safe and efficient solutions.
KIR offers HSM (Hardware Security Module) solution, a Thales Connect+ module (network version) for electronic seal.
Thales nShield Connect+ is a scalable HSM network security module that integrates easily with many security infrastructure applications, such as Microsoft Certificate Services (PKI), Entrust Authority Security Manager, RSA Certificate Manager, Oracle Database and Microsoft SQL Server.
Standard API (PKCS#11, JCE, Microsoft CAPI and CNGn) enables nShield Connect to provide hardware protection for critical security applications such as Public Key Infrastructure (PKI), databases, application and web servers. nShield Connect not only has unprecedented performance in this class of devices, but also features fully redundant power supply and cooling. High availability, scalability and remote management make nShield Connect the ideal solution for e-business.
The security of Thales modules in nShield product line is confirmed by FIPS 140-2 Level 3 and Common Criteria EAL4+ certificates.
Electronic Seal Infrastructure
When building the infrastructure for electronic seal service, KIR offers a solution based on the Thales HSM devices and Szafir SDK programming components.
The solution includes:
- qualified certificate for electronic seal,
- HSM cryptographic module installed on the customer's premises or in the KIR cloud for storing private keys, generating stamps and authorizing time-stamping requests;
- Szafir SDK programming components that enable integrating the electronic seal generation and time stamping with customer systems that provide communication with HSM devices using PKCS#11;
- qualified time stamps that reliably verify the time of affixing documents with electronic seals.
To learn more about the offer, please contact us using the following form.
Using HSM devices in the infrastructure has the following advantages:
- security of Thales modules in nShield product line confirmed by FIPS 140-2 Level 3 and Common Criteria EAL4+ certificates,
- compliance with eIDAS requirements,
- securing and isolating sensitive cryptographic operations and assigning keys for critical applications in the organization,
- reducing the cost of maintaining compliance (one network module for multiple applications),
- the customer chooses the number of keys generated in the HSM, and thus can store the keys for different signatures or seals in the HSM,
- scalability and the option to add more HSM modules,
- ensuring high availability and failover - if two HSMs are used in two data centers of the customer,
- smooth failover and load balancing in several HSM devices,
- simplifying the management of cryptographic keys,
- remote administration of HSM devices,
- monitoring the operation of HSM devices, e.g. via SNMPv3 protocol.
The performance of the offered HSM Thales nShield Connect+ devices is as follows:
Basic technical parameters of HSM Thales nShield Connect+ devices
Supported symmetric cryptographic algorithms
|Supported asymmetric cryptographic algorithms||
|Supported cryptographic hash algorithms||
|Supported operating systems||