The key to properly protecting your PKI environment is carefully designed procedures and policies. But how do you enforce them consistently? The integrity and assurance level of the PKI depends on ensuring organization procedures are followed at all times. Hardware security modules (HSM) are available from a number of manufacturers and are leveraged in a PKI to enforce defined procedures. HSMs can be used to ensure no one person can compromise a PKI. They can also be used to speed up signing/issuance in high-volume environments. HSMs can also be used to secure your Certificate Authority (CA) against the extraction and misuse of your CA private keys.
The proper selection, architecture and implementation of one or more HSMs in your environment is critical. Protecting critical signing keys against internal and external threats can be achieved through operational procedures as well as two-person integrity controls. HSMs can be configured to require a quorum of trust role owners to be present to authorize transactions. Environments that need an auditable chain of custody for non-repudiation can also leverage controls and protections of an HSM. The design and day-to-day history of the PKI needs to be carefully tracked and audited. This must be in place before the first component is ever installed.
HSMs can be leveraged to provide EAL 4/FIPS 140-2 level 3 protection of your PKI. PKI Solutions is very experienced with architecting and deploying Thales and Gemalto/SafeNet HSMs and can even provide your organization with assistance in selecting and acquiring the HSMs.