Issue No. 03 - May-June (2013 vol. 11)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2013.56
Benedikt Koppel , ETH Zurich
Stephan Neuhaus , ETH Zurich
Analysis of a hardware security module (HSM) revealed two flaws that could lead to security problems. The first involved key deletion; the second involved unauthorized members of a group of HSMs. Neither flaw is probably fatal, if organizations develop organizational ways to work around it. However, for organizations to apply the solutions, they must be aware of the flaws.
separation of duties, systems security, hardware security module, HSM, cryptography, high availability
S. Neuhaus and B. Koppel, "Analysis of a hardware security module's high-availability setting," in IEEE Security & Privacy, vol. 11, no. , pp. 77-80, 2013.