The Black Vault HSM.TAC is an Ethernet attached Hardware Security Module that combines a cryptographic advanced HSM with a Smart Card Reader.
The Black Vault HSM.TAC is an independently certified standards based security module that performs key management and cryptographic operations for: application data, regulatory compliance and critical security systems employed by governments, PKI, enterprises.
Two-factor authentication and administrator roles with M of N prevents unauthorized access to critical security parameters.
Portable / Embeddable Form Factor
The compact “hard drive” form-factor and battery backed solid state key storage makes it possible to secure cryptographic keys in an HSM appliance that easily fits in a safe. The small form factor with Ethernet connection also supports mounting the Black Vault HSM.TAC within application servers and other compact environments.
Military Grade Tamper Reactive
The Cryptographic Boundary is within Secure CPU’s silicon.
The Die Shield has dynamic fault detection with real time environmental and active tamper detection circuitry.
• Achieves Active Level 3+ Tamper
• Eliminates Inadvertent Tamper
• Transport Safe
TAC – Tactical
By design the Black Vault HSM.TAC is a rugged, small form factor, certified HSM that meets the key security needs for a wide array of the tactical infrastructure use cases.
PUBLIC KEY INFRASTRUCTURE
Black Vault HSM.TACs are used by commercial and private Certificate Authorities (CAs) and registration authorities (RAs) to generate, store, and manage key pairs.
The Black•Vault HSM.TAC ensures that the Private key associated with a Certificate’s public key is kept private. All cryptographic operations are executed within a 7 year battery backed semiconductor with a tamper reactive die shield.
The Black•Vault HSM.TAC provides:
• Logical and physical protection
• Multi-factor user authorization
• Full audit and log traces
• Secure key backup
SECURING SENSITIVE AND SECRET DATA
Encrypting and Decrypting data using secret keys generated and retained within the Black Vault HSM.TAC provides a certifiable level of assurance.
Performing cryptographic operations in software within a general purpose operating system has proven exploits.
The vast majority of an enterprise’s information is sensitive or secret and must be protected to prevent serious risk to operational continuity.
Employment of the Black•Vault HSM.TAC isolates and shields the critical security parameters and cryptographic operations.
CODE AND DOCUMENT SIGNING
Software Developers need to deliver Code, Patches, Scripts, and Libraries that are readily verifiable by installers as being authentic and unmodified. Similarly, electronic transfer and storage of documents increasingly requires that the validity of those documents can be ascertained.
Digital signatures provide a proven cryptographic process for code installers and document users to validate the authenticity of the publisher and content.
The critical security parameter of a code or document signing process is the private signing key.
The theft of a private code or document signing key by a person or organization with malicious intent could result in the introduction of attacks, malware, and corruption from what appears to be a “validated source”.