HSM & Decanus Terminal
MassiveGRID’s Private Clusters are secured with Hardware Security Modules. Our clients can use the Security Terminal to control 100% of their Private Clouds.
You have the ability to generate strong encryption keys for your Private Cluster and manage them fully secured via cryptographic pairing it with each HSM.
Each remote control terminal enables you to manage up to 64 HSMs at different locations anywhere in the world.
HSM Overview
Key Management and Encryption
Encryption keys generation, secure storage, and distribution of keys. Multiple HSMs can be grouped together in a self-synchronizing cluster to support geo-redundancy and load balancing. Each HSM can be partitioned for multiple applications. Support for symmetric (AES, 3DES), asymmetric (RSA, ECC, Diffie-Hellman), cryptographic hash algorithms (SHA-2, SHA-3), as well as advanced encryption standard-cipher message authentication code (AES-CMAC) for symmetric key diversification.
True Random Numbers Generation (TRNG)
High-entropy encryption keys are paramount to providing the highest security. Multiple true random number generation (TRNG) modules ensure randomness during key generation. They are built up with separate hardware components and get their randomness from different physical noise mechanisms.
Ultra-Secure Vault
HSM also contains an ultra-secure vault implemented inside a dedicated security chip. This Common Criteria (CC EAL 5+) certified device offers offline storage for PKI root keys and other critical keys.
Crypto-Agile Architecture
Due to its dynamic architecture, the HSM is quantum computer ready. Should quantum computers make any of the supported algorithms become obsolete, then a quantum computer-safe algorithm may be installed through a firmware/software upgrade.
HSM Business Advantage
Unlimited Users
There is no limit on the number of users and clients that can access the Primus X-Series HSM. Applications can connect either through Java (JCE/JCA), Windows (CNG, PKCS#11), or Linux (PKCS#11, openSSL) providers to the Primus X-Series.
Over 1 Million Keys
The Primus X-Series hardware security module can be configured with up to 120 partitions, each providing up to 240MB of protected storage space. It can securely hold over one million keys or objects.
Prevent Tampering
Special care has been taken in the Primus X-Series HSM to detect and prevent tampering that goes beyond FIPS and Common Criteria certification requirements. Multiple tamper sensors ensure proper operation and handling of the Primus X-Series HSM. If triggered, all key material will be erased.
Store Keys
The Primus X-Series HSM stores cryptographic keys and provision encryption, decryption, authentication, and digital signing services. They are essential to managing and providing protection for transactions, identities, and applications.
Protect Sensitive Data
Protect your sensitive data and transactions with industry-leading security in the highest performance HSM. Integrate the Primus X-Series Hardware encryption devices directly into environments for on-site data security.
Transport Protection
The tamper sensors are also in operation when the HSM is unpowered. So, even when the HSM is in transit or held in storage, the HSM is protecting itself against any attempt to manipulate it and will notify its owner when powered up again.
Decanus Terminal Overview
Efficient Management from your Desk
Decanus connects securely to your HSM over the network (TCP/IP, AES 256). It offers the functionality of the Primus HSM front panel on a touch screen display. Most configuration, management, and control tasks can be performed without visiting multiple data centers.
Decentralized Partition Management
Partition users can use Decanus to connect to and manage a partition without having to involve or trust the device administrator. This way an organization can meet the strictest security policies by allowing each business application and unit to fully control its secure keystore.
Security by Two-Factor Authentication with Smartcards
Decanus connects securely to your HSM over the network (TCP/IP, AES 256). It offers the functionality of the Primus HSM front panel on a touch screen display. Most configuration, management, and control tasks can be performed without visiting multiple data centers.
Intuitive Touchscreen
Partition users can use Decanus to connect to and manage a partition without having to involve or trust the device administrator. This way an organization can meet the strictest security policies by allowing each business application and unit to fully control its secure keystore.
Decanus Business Advantage
Simple and secure management and control of Primus HSM and its partitions from your desk.
Central management of your HSM cluster – no need to visit data centers.
Full decentralized administration control on individual partitions.
Highest connection security.
Two-factor authentication for Primus HSM E-Series and X-Series.
Manage up to 64 devices in different locations worldwide.
