SafeNet Authentication Service with Thales Luna HSM - Integration Guide

This document provides you the steps for integrating SafeNet Authentication Service (SAS) with a Luna HSM. It demonstrates how to configure a SafeNet Authentication Service (SAS) to secure the AES encryption key within a Luna HSM. Thales Luna HSM is an external hardware security module that is available for use with SafeNet Authentication Service (SAS). Luna HSM with SAS is used to secure encryption keys that protect sensitive data. Multiple Luna HSMs can be configured as a High Availability (HA) group with SAS that ensure the availability of encryption keys.

The benefits of using a Luna HSM to generate the encryption key to protect sensitive data for SafeNet Authentication Service (SAS) include:

- Secure generation, storage and protection of the private keys on FIPS 140-2 level 3 validated hardware.

- Full life cycle management of the keys.

- HSM audit trail.

- Significant performance improvements by off-loading cryptographic operations from servers.