HSM & Decanus Terminal

MassiveGRID’s Private Clusters are secured with Hardware Security Modules. Our clients can use the Security Terminal to control 100% of their Private Clouds.

 

You have the ability to generate strong encryption keys for your Private Cluster and manage them fully secured via cryptographic pairing it with each HSM.

 

Each remote control terminal enables you to manage up to 64 HSMs at different locations anywhere in the world.

HSM Overview

Key Management and Encryption

Encryption keys generation, secure storage, and distribution of keys. Multiple HSMs can be grouped together in a self-synchronizing cluster to support geo-redundancy and load balancing. Each HSM can be partitioned for multiple applications. Support for symmetric (AES, 3DES), asymmetric (RSA, ECC, Diffie-Hellman), cryptographic hash algorithms (SHA-2, SHA-3), as well as advanced encryption standard-cipher message authentication code (AES-CMAC) for symmetric key diversification.

True Random Numbers Generation (TRNG)

High-entropy encryption keys are paramount to providing the highest security. Multiple true random number generation (TRNG) modules ensure randomness during key generation. They are built up with separate hardware components and get their randomness from different physical noise mechanisms.

Ultra-Secure Vault

HSM also contains an ultra-secure vault implemented inside a dedicated security chip. This Common Criteria (CC EAL 5+) certified device offers offline storage for PKI root keys and other critical keys.

Crypto-Agile Architecture

Due to its dynamic architecture, the HSM is quantum computer ready. Should quantum computers make any of the supported algorithms become obsolete, then a quantum computer-safe algorithm may be installed through a firmware/software upgrade.

HSM Business Advantage

Unlimited Users

There is no limit on the number of users and clients that can access the Primus X-Series HSM. Applications can connect either through Java (JCE/JCA), Windows (CNG, PKCS#11), or Linux (PKCS#11, openSSL) providers to the Primus X-Series.

Over 1 Million Keys

The Primus X-Series hardware security module can be configured with up to 120 partitions, each providing up to 240MB of protected storage space. It can securely hold over one million keys or objects.

Prevent Tampering

Special care has been taken in the Primus X-Series HSM to detect and prevent tampering that goes beyond FIPS and Common Criteria certification requirements. Multiple tamper sensors ensure proper operation and handling of the Primus X-Series HSM. If triggered, all key material will be erased.

Store Keys

The Primus X-Series HSM stores cryptographic keys and provision encryption, decryption, authentication, and digital signing services. They are essential to managing and providing protection for transactions, identities, and applications.

Protect Sensitive Data

Protect your sensitive data and transactions with industry-leading security in the highest performance HSM. Integrate the Primus X-Series Hardware encryption devices directly into environments for on-site data security.

Transport Protection

The tamper sensors are also in operation when the HSM is unpowered. So, even when the HSM is in transit or held in storage, the HSM is protecting itself against any attempt to manipulate it and will notify its owner when powered up again.

Decanus Terminal Overview

Efficient Management from your Desk

Decanus connects securely to your HSM over the network (TCP/IP, AES 256). It offers the functionality of the Primus HSM front panel on a touch screen display. Most configuration, management, and control tasks can be performed without visiting multiple data centers.

Decentralized Partition Management

Partition users can use Decanus to connect to and manage a partition without having to involve or trust the device administrator. This way an organization can meet the strictest security policies by allowing each business application and unit to fully control its secure keystore.

Security by Two-Factor Authentication with Smartcards

Users of Primus HSM E-Series benefit from Decanus from the two-factor authentication with smart cards. The cryptological secured initial pairing between Decanus and the managed HSMs enforces communication at the highest security level.

Intuitive Touchscreen

With an industrial quality touch screen, Decanus simplifies management and operational tasks. It also allows you to monitor the overall status of your HSM.

Decanus Business Advantage

Simple and secure management and control of Primus HSM and its partitions from your desk.

Central management of your HSM cluster - no need to visit data centers.

Full decentralized administration control on individual partitions.

Highest connection security.

Two-factor authentication for Primus HSM E-Series and X-Series.

Manage up to 64 devices in different locations worldwide.

Book a Meeting with a Specialist