Issue No. 03 - May-June (2013 vol. 11)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2013.56
Stephan Neuhaus , ETH Zurich
Benedikt Koppel , ETH Zurich
Analysis of a hardware security module (HSM) revealed two flaws that could lead to security problems. The first involved key deletion; the second involved unauthorized members of a group of HSMs. Neither flaw is probably fatal, if organizations develop organizational ways to work around it. However, for organizations to apply the solutions, they must be aware of the flaws.
separation of duties, systems security, hardware security module, HSM, cryptography, high availability
Stephan Neuhaus, Benedikt Koppel, "Analysis of a hardware security module's high-availability setting", IEEE Security & Privacy, vol. 11, no. , pp. 77-80, May-June 2013, doi:10.1109/MSP.2013.56