SafeNet Java HSM for Web Application Security

SafeNet Java HSM IconSafeNet Java HSM – formerly Luna SP – provides a secure platform for the deployment of Web applications, Web services, and Java applications that require the highest levels of trust by combining a standard application server platform and a dedicated hardware security module (HSM) within a single security appliance.

Java Web Application Security Highlights:

 

SafeNet Java HSM supports the J2S development environment and is pre-populated with standard tools to simplify application development. A Web server, SOAP stack, and J2SE compliant XML Web service container are preinstalled and optimized to support XML and Web services applications running on SafeNet Java HSM.

Custom applications can be developed quickly and easily, simplifying design and testing, shortening development cycles, and eliminating the need for propriety development funds.

 

Applications installed on SafeNet Java HSM execute within a protected application container to ensure that application code and system code are isolated. Applications executing within this trusted environment have exclusive access to the SafeNet Java HSM through a policy layer separating the application from the HSM.

 

SafeNet Java HSM increases application security by providing a trusted execution environment that protects an application’s sensitive software components and cryptographic keys from physical, logical, and operational threats.

Customer-provided application code is digitally signed and securely installed on the SafeNet Java HSM to assure code integrity and prevent the execution of unauthorized applications. SafeNet Java HSM features an integrated FIPS 140-2, Level 3 validated HSM that provides hardware protection for cryptographic keys and processes.

 

Split administrative roles, including M of N multi-person authentication, and flexible security policy management, maintain tight control over sensitive administrative functions, including code loading and management of cryptographic keys. Rigorous logging features monitor access and cryptographic key usage.

University of Texas - Java web application security case study

Case Study: The University of Texas

The Information Security Office at the University of Texas at Austin needed a robust hardware security module (HSM) that met stringent demands and Java application security requirements—and SafeNet Java HSM platforms were up to the task.

SafeNet Java HSM Specifications:

Feature

Details

Java Services  
  • Java J2SE (JVM)
  • Xerces (XML parsing)
  • Apache Tomcat (Application and Webserver)
  • Apache Axis (SOAP)
Cryptography  
  • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
  • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
  • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
  • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)
Crytographic APIs   PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
Rack Mountable   Standard 19" EIA rack mount chassis (1U height)
Dimensions   19.0” x 20.6” x 3.45” (482.6mm x 523.2mm x 87.7mm)
Weight   35lb (15.9kg)
Input Voltage   100-240V, 50-60Hz
Power Consumption   180W maximum, 155W typical
Temperature   Operating 0° to 40°C
Relative Humidity   5% to 95% (38°C) non-condensing
Certifications   FIPS 140-2 Level 2 and Level 3
Compliance  
  • UL, CSA, CE
  • FCC, KC Mark, VCCI, CE
  • RoHS, WEEE
Management   M of N support for division of command

SafeNet Java HSM for Web Applications Security

Sample Use Cases:

Green Cryptographic Key Icon
  • PKI key generation & key storage storage (online CA keys & offline CA keys)
  • Certificate validation & signing
  • Document signing
  • Transaction processing
  • Database encryption
  • Smart card issuance

Features:

  • Two factor authentication – including multi-level access control
  • Protected application execution environment
  • Signed code prevents unauthorized execution
  • Application auto restart
  • Standard tools for rapid development
  • Connects to standard TCP/IP (Internet Protocol) networks
  • Integrated SafeNet K5 cryptographic engine is capable of up to 5,500 transactions per second to eliminate cryptographic processing bottlenecks

Benefits:

  • SafeNet Java HSM can be deployed anywhere on the network
  • Leverages standard Java development tools for easy programmability
  • Facilitates development of custom applications
  • Optimized to support XML and Web Services applications
  • Reduces system overhead
  • Prevents unauthorized execution
Back to Top

Contact Us

Thank you for your interest in our products. Please fill out and submit the form to receive more information about Gemalto or to be contacted by a Gemalto specialist.

Your Information

* Email Address:  
* First Name:  
* Last Name:  
* Company Name:  
* Phone:  
* Country:  
* State (US Only):  
* Province (Canada/Australia Only):  
Comments:  
 


By submitting this form I agree to receive information from Gemalto and its affiliates as described in our Privacy statement.