Porting your application
No single hardware security module vendor alone can meet all market needs in the world. At Atos, our strategy is to be truly platform open, going a step beyond merely being platform agnostic. We give editors the ability to embed their previously server-hosted appliance directly on a proven cryptographic security co-processor evaluated against international certifications.
The main technical and security benefit is the all-in-one concept developed by Trustway Proteccio, which greatly simplifies the operating mode of the cryptographic appliance unique to each end customer site. The key business benefit for editors is complete control of their business model, with no interference whatsoever from the HSM vendor.
In order to address a wide variety of performance and cost requirements, you have the flexibility to choose from two variants, while the editors’ cryptographic appliance still delivers the same security-certified cryptographic hardware and firmware.
Certified high security: the Trustway Proteccio HSM hardware and software is designed, implemented and manufactured totally by Atos in France. CC EAL4+ certification, Reinforced Qualification (ANSSI QR)*, NATO SECRET and EU RESTRICTED agreements cover hardware and software implementation. FIPS 140-2 level 3 is currently in progress.
*V128/X130 et N° 198/ANSSI/SDE/PSS/BQA version.
Virtual HSM: Trustway Proteccio provides a secure platform to embed your software. Your software will benefit from a tamper-proof, CC EAL4+ certified environment. Code is signed to guarantee code integrity and prevent unauthorized code execution. All sensitive data used by your application are strongly protected by the physical architecture of the Trustway Proteccio hardware security module.
Cryptographic appliance: The Trustway Proteccio is the only HSM that provides the opportunity to offer a cryptographic appliance that embeds the entire environment, operating system and application. You have a real execution environment (HDD, RAM, MicroChip) with a dedicated USB interface and Ethernet. You can deploy your application on just one piece of equipment for simple installation into the customer environment.
Manageability: Trustway Proteccio comes with a user friendly application to administer, configure and manage the HSM, including security policy, user rights, key management, SM configuration and updates.
► Common Criteria EAL4+ compliant with CWA 14167-2 PP
► FIPS 140-2 Level 3 (in progress)
► EU RESTRICTED
► NATO SECRET
► «Qualification Renforcée» (the highest qualification from the ANSSI)
► Compliant with eIDAS
► Asymmetric encryption: RSA
► Symmetric encryption: AES 128 to 256, 3DES
► Digital Signing: RSA PSS, PKCS v1.5, ECDSA
► Hash: MD5, SHA-1, SHA 256, SHA 384, SHA 512
► Supported named curves: ANSI, NIST, ANSSI
► Asymmetric: Up to 1600 sign/s
► Symmetric: Up to 200Mbits encrypted per second
► Dual Ethernet port for LAN connection
► 4 x USB ports
► Editor dev platform (development platform + signature platform)
► Appliance (final client)
► Additional virtual HSM license
► Additional batch of cards
HSM Trustway Proteccio OEM provides editors and integrators with an open and secure hardware platform for the design of certified and ongoing cryptographic appliances…
Compliant, flexible and innovative, our range of hardware security modules provides companies and critical infrastructures the reliability of an innovative and robust architecture in compliance with strict security demands.
Discover how Trustway’s portfolio gives organizations navigating GDPR the tools they need to solve these challenges according to the shape of their operations and their IT architecture.
Other HSM products
Trustway Proteccio NetHSMTrustWay Proteccio NetHSM is a hardware security module (HSM) providing software solutions with a high-performance and highly secure environment
Visit product page >
Trustway Crypt2payCrypt2pay is the specialist HSM (Hardware Security Module) designed to secure withdrawal and payment transactions
Visit product page >
Trustway DataProtectTrustway DataProtect is a data encryption solution to guarantee data security and the control on the data access
Visit product page>