openstack team mailing list archive
-
openstack team
-
Mailing list archive
-
Message #16709
Open Stack and (HSM) Hardware security modules
My name is Mark Yakabuski, from SFNT, we are an HSM vendor (I want to be transparent on that).
We are looking at integrating our HSM API's into Open Stack. This email is not intended to market HSMs - it is intended to identify what the Open Stack community might find valuable in an HSM integration.
As some background, in case you are not aware of what HSMs are or where they get used (apologize for those that already know):
Where do HSMs get used today? Here are some examples:
- PKI CA's, OCSP, RA's
- SSL cert vaulting
- Financial Transactions
- Time stamping
- E-Document signing
- Admin PW vaulting
- DNSSEC
- Secure Manufacturing
- Smart Grid (AMI)
- Code Signing
- E-passport Issuance
HSMs are FIPS and Common Criteria Validated Hardware devices, used to securely protect/offload/accelerate the keys/operations needed for high assurance and high value transactions. HSMs protect the lifecycle of the keys; creation, backup, usage and destruction, within the Secure validated envelope of the HSM. One of the largest benefits of HSMs is their value in Industry compliance, and the secure log/audit capabilities they provide for the who/what/when operations they perform.
I am looking for opinions/feedback on the interest in this offering.
Are there any opinions on:
- what capabilities the Open Stack community would like to see from an HSM?
- The use cases where the Open Stack community would use an HSM?
Mark Yakabuski
VP Product Management HSM
SafeNet-inc
mark.yakabuski@xxxxxxxxxxxxxxx
613-614-3407
The information contained in this electronic mail transmission
may be privileged and confidential, and therefore, protected
from disclosure. If you have received this communication in
error, please notify us immediately by replying to this
message and deleting it from your computer without copying
or disclosing it.
