SecurityServer
The Utimaco SecurityServer is a general purpose Hardware Security Module that ensures the security of cryptographic key material for servers and applications.
It supports the industry standard interfaces PKCS #11, Microsoft CSP/CNG/SQLEKM and JCE interfaces. SecurityServer can be used for the most common business applications, such as:
- Public Key Infrastructure (PKI)
- Document Signing
- Code Signing
- Key Injection for securing devices in the IoT
- Database Encryption
SecurityServer – Utimaco’s general purpose Hardware Security Module
Like all Utimaco HMs SecurityServer provides scalable performance with the highest level of physical security and tamper detection and response mechanisms. Furthermore it meets and fulfills numerous compliance requirements and industry standards and supports all common cryptographic algorithms and interfaces(APIs).
All SecurityServer HSMs support configurable role-based access control (C-RBAC). The authentication mechanisms range from username/password to key files and multi-factor smartcard-based authentication. Authentication can take the form of
- single-person authentication,
- four-eyes principle authentication or
- “m out of n” schemes (e.g. 3 out of 5).
All supported cryptographic APIs perform secure key storage inside the HSM, with storage of up to several thousand keys, depending on algorithm and key size. Alternatively, keys may be stored as encrypted and integrity-protected tokens outside of the HSM. This allows the usage of a virtually unlimited number of keys. Through this high-availability and load-balancing clusters can easily be set up and synchronized.
SecurityServer is available as Se-Series or or CSe-Series HSM and includes a software HSM simulator for evaluation and integration testing.
A comprehensive Tool-Kit for the administration of the HSM and the key management completes our SecurityServer offer.
SecurityServer Se-Series Gen2 or CSe-Series?
Utimaco’s Se-Series HSMs have been designed to meet typical physical security and anti-tampering requirements. Because of that HMS of the Se-Series are qualified for the use in companies and authorities. For example for the encryption of data bases with sensitive information and in production environments for personalization und key injection for e.g. smart meters, control units of vehicles or printers and printer cartridges.
The technology of the CSe-series provides even stronger tamper-detection and tamper-response mechanisms. HSMs of the CSe-series are therefore the best choice for use in hostile and uncontrolled environments like toll bridges and in market segments with highest security requirements, such as banking and government.
Utimaco CryptoServer LAN V5
Utimaco CryptoServer Se-Series
Utimaco CryptoServer CSe-Series
Network appliance or PCIe plug-in card?
Both the SecurityServer Se-Series and CSe-Series are available as
- 19 inch network-attached appliance (CryptoServer LAN) for the use in data centers
- PCIe plug-in card to fit into your server or customized chassis.
Utimaco also offers:
- CryptoServer CP5 (eIDAS & Common Criteria compliance)
- CryptoServer Cloud, the Root of Trust for all cloud applications
- TimestampServer, our tamper-proof timestamping solution
- Deutschland HSM for secure ePassport and eID applications
Note: CryptoServer refers to the Utimaco HSM hardware, whereas SecurityServer is the Utimaco HSM software.
