HSM Integration for AppViewX

An HSM (Hardware Security Module) is a piece of hardware and associated software or firmware that usually resides in a PC or server and provides at least the minimal cryptographic functions. These functions include encryption, decryption, key generation, and hashing. The physical device offers physical tamper-resistance and has a user interface and a programmable interface. Other names for an HSM include Personal Computer Security Module (PCSM), Secure Application Module (SAM), Hardware Cryptographic Device, or Cryptographic Module.

For the deployment, AppViewX enables support for integrating all HSMs that support the PKCS11 library, an interface that facilitates interaction between the HSM and AppViewX. This eliminates the need to deploy vendor-specific SDKs and JAR files, thus significantly reducing the time it takes for integrating and installing an HSM.

The deployment currently supports the following four HSM vendors:
  • Utimaco
  • Fortanix
  • Entrust
  • Thales TCT
  • Thales - DPoD
  • Thales - GPN.

Accessing HSM

New Menu Old Menu
In the Platform module, from the navigation pane on the left, under VAULT & SECURITY, select HSM.

The HSM page is displayed.
  1. From the main navigation menu, select Inventory > HSM.
  2. The HSM page is displayed.
For more information on how to switch between menus, click here.

HSM Inventory

The HSM Inventory has the following options:
  • Search field - Enter text to search the configured HSMs
  • Add HSM button - Used for adding HSM configurations (Utimaco, Fortanix, Thales TCT/DPoD/GPN, Entrust) in AppViewX.
  • Master Encryption Settings button - Clicking the button displayes the HSM Encryption Settings pop up window containing instructions to securely manage the master encryption key.
  • Refresh button - Updates the latest changes made in the inventory.
  • Pagination navigation options - Used to display the number of records per page, and access the pages to view them.
The HSM Inventory has the following table:
Table 1. Field descriptions for General Information
Column Name Description
Name Displays the name of the configured HSM.
Vendor Displays the HSM vendor logo
Description Short description for the configured HSM.
HSM usage Displays the use such as CSR Generation, Master Key Encryption, or Code Signing.
Status Displays the current status of the HSM (Available, In Progress or Unavailable)
Action Contains the delete icon.
* : Mandatory fields