The Secure Sockets Layer (SSL) protocol secures client-server communication sessions through the use of public key authentication and strong encryption. SSL’s added security allows online transactions to be conducted over public networks, like the Internet, while maintaining the privacy of the data transmitted between the client and server. When used in conjunction with web-based applications, SSL allows transactions requiring the exchange of valuable or sensitive information, like banking, brokerage and healthcare, to be conducted securely across the Internet.
SSL relies on trusted digital credentials and on both symmetric and asymmetric cryptographic techniques to establish sessions between clients and servers. If the digital certificates used to authenticate the identity of a web server, and the private keys behind them, can be stolen or copied, SSL can be compromised. Addressing these issues and establishing true SSL certificate security starts with using Hardware Security Modules (HSMs) as the root of trust.
Securing SSL keys with Hardware Security Modules
Hardware Security Modules (HSMs) from Thales are designed to provide a FIPS 140-2-validated hardware-based environment within which the SSL private keys are generated, stored and used – eliminating the risks associated with storing private keys in a more vulnerable software repository.
By providing physical and logical isolation of key materials from the computers and applications that use them, HSMs make it almost impossible to extract key materials through traditional network attacks.