The Sun Crypto Accelerator 6000 PCI-E card (SCA 6000 card) is a combined cryptographic accelerator and Hardware
Security Module (HSM) that can be used to accelerate Secure Sockets Layer (SSL) and IPSec sessions, as well as perform
arious financial services related cryptographic functions. Qualified as a FIPS 140-2 level 3 device, the SCA 6000 card
is designed to prevent the disclosure or corruption of cryptographic keying material, intermediate cryptographic results,
or other sensitive data. A direct key loading interface is incorporated to enable the secure entry of keying material.
Since sensitive keying material does not cross system, network, or application boundaries, potential avenues of interception and
attack are eliminated.
The security of a cryptographic device is dependent upon not only the anti-tamper circuitry and design of the device itself,
but also the processes and procedures used to initialize the device, and perform key management and application level transactions.
This Sun BluePrints article assumes a working knowledge of financial services and contemporary security issues, and discusses some
control mechanisms. It describes some of the processes and procedures needed to make the SCA 6000 card available to an application
performing financial services transactions such as PIN management and verification, and card verification.
Note: This article is available in PDF Format only.
Questions/comments for this article? Ask/tell us.
 to the top |
back to Home |
download PDF format
|
