This topic describes different types of hardware security modules (HSMs) that are supported by Cloud Hardware Security Module. This topic also describes the API specifications, encryption algorithms, and performance references of HSMs.
GVSMs
Cloud Hardware Security Module supports Federal Information Processing Standards (FIPS)-certified general virtual security modules (GVSMs). The following table describes the encryption algorithms and API specifications of GVSMs.
Feature | Description |
Description | The hardware and firmware of GVSMs are validated by FIPS 140-2 Level 3. Cloud Hardware Security Module allows you to manage keys in a secure and reliable manner and ensures reliable data encryption and decryption by using multiple encryption algorithms. |
API specifications | PKCS#11 is used. |
Encryption algorithms |
|
Performance references |
|
HSM cluster feature
Cloud Hardware Security Module provides the HSM cluster feature. You can use the feature to associate and manage a group of HSMs that reside in different zones of the same region and are used by the same service in a centralized manner. The feature provides high availability, load balancing, and scale-out capabilities for cryptographic operations. An HSM cluster includes one master HSM and multiple non-master HSMs. In a cluster, HSMs that reside in the same zone use the same subnet.