<img alt="" src="https://secure.weed6tape.com/193471.png" style="display:none;">
90-Day CloudHSM Free Trial – Experience Securosys CloudHSM without commitment.
Start your Free Trial
Products & Solutions
Products & Solutions
Explore our portfolio of cutting-edge cybersecurity solutions, centered around our flagship Hardware Security Modules (HSMs). From encryption and key management to secure access and authentication, our products ensure robust protection for your most critical data and systems.
menu icon
Hardware Security Module (HSM)
HSM Overview What is an HSM? Primus HSM X Cyber Vault Primus HSM X-Series Primus HSM E-Series Primus HSM S-Series Primus HSM Blockchain
menu icon
Cloud Security
Securosys CloudHSM Cloud Console What is CloudHSM? CloudHSM Service Offerings HashiCorp Vault S365 DKE - add-in for Microsoft 365 Bring Your Own Key (BYOK) External Key Store (XKS) Proxy for AWS
menu icon
Additional Products and Services
Decanus Terminal Transaction Security Broker (TSB) Key Attestation Smart Key Attributes (SKA) Docker Image Security
Partners
Support
Support
menu icon
Support
Online Documentation Support Portal System Status Trainings
finance-institution-colourful
What is ...?
What is an HSM? What is CloudHSM? What is BYOK? What is SIC system?
About
About
Learn more about our mission, explore career opportunities, and access our resources. Discover how we’re shaping the future of cybersecurity and how you can be part of it.
menu icon
Securosys SA
About Us Events News Career
menu icon
Resources
Online Documentation Blog Articles Stories and Paper Video Gallery
Contact us
  • There are no suggestions because the search field is empty.

Challenge

Today's financial and digital asset applications demand the ability to implement fine-grained policies that govern various actions on transactions. These policies may involve keys based on groups, quorums, time restrictions, or any combination of these factors. The challenge lies in ensuring robust security measures while accommodating such intricate requirements.

Solution

The Securosys HSM offers a solution by granting precise control over key usage through sophisticated authorizations. The integration of Securosys Smart Key Attributes (SKA) (link to SKA page) facilitates the enforcement of these policies and rules seamlessly.

To streamline the implementation of SKA's functionalities, the Securosys Transaction Security Broker (TSB) steps in. This standalone engine provides a REST-API and internal state management, simplifying the process. It connects to an external database instance and integrates with SKA-enabled Securosys HSM, ensuring uncompromised security as all security-relevant operations occur within the HSM.

The TSB, coupled with SKA-enabled Securosys HSM, offers unparalleled granularity in controlling key actions and operations. Finance organizations can establish highly customizable policies for authorizing operations and transactions, as well as manage key blocking/unblocking and policy adjustments with ease.

Key Benefits

shield-tools-locket-b&w
Easy Integration and Deployment
Integration is simplified via REST API, allowing for seamless incorporation into existing systems and workflows. It is also available in a Docker container, providing flexible deployment options, whether on-premises or in the cloud (e.g., MS Azure).
shield-b&w
Enhanced Performance
Hardware-accelerated digital signing capability supports up to 4000 RSA signatures at 2048 bits per second, ensuring high-speed cryptographic operations. Capable of handling larger key sizes without significant performance loss, ensuring scalability and efficiency in cryptographic processes.
lock-cyberweb-b&w-2
Highest Security Standards
Because your keys are securely stored within the HSM, TSB meet the highest security requirements. Tamper protection throughout transport, storage, and operation, cryptographic integrity is guaranteed, while continuous operations ensure consistent service delivery.

Advantages of TSB compared to Multi-signature:

  • Algorithm independent - the same process can be used for all supported crypto assets and currencies regardless whether they support multi-signature or not
  • Lower fees and better privacy because the addresses are single signature type
  • Regulatory and customer flexibility thanks to decoupling of ownership and control of the keys
  • Customizable compliance from simple to highly complex policies including time-restrictions

Advantages of TSB compared to Multi-Party Computation (MPC)

  • Time-based policies
  • Hardware tamper protection of the key material
  • Redundancy without introduction of an additional risk of key exposure
  • Secure storage of keys

 

 

Approval Process - How does it work?
Step 1
Request Approval
Approval for a key usage in a transaction payload is requested.
Step 2
Policy Retrieval
The HSM verifies key attributes and returns policies with a signed payload and timestamp to the TSB.
Step 3
Broadcast Request
The business application retrieves the request from the TSB and broadcasts it to the approval clients.
Step 4
Collect Approvals
The TSB gathers approvals until the policy is met, then sends the payload and approval data to the HSM.
Step 5
Authorization Check
The HSM validates authorization data against key attributes (SKA), the payload, and optionally the signed timestamp.
Step 6
Sign Payload
If all criteria are met, the HSM signs the payload and returns the signature

Use Cases

colourful-background-patterns-13 Multi-Quorum Financial Transaction Approval Enable high-value financial transactions that require multi-quorum (m-of-n) approvals, ensuring secure and transparent processing through blockchain integration for immutable recording.
colourful-background-patterns-11 Time-Locked Security Protocol Activation Implement security protocols that activate based on time-lock settings, automatically invalidating requests if approvals are not received within a specified timeout period.
colourful-background-patterns-14 Hybrid Approval System with HSM Protection Deploy a hybrid approval system that leverages HSMs for secure key management and cryptographic operations, integrating with various devices and supporting customizable approval policies.
colourful-background-patterns-8 Time-Based Transaction Approval Ensure transactions adhere to predefined time constraints by enforcing time-based approval restrictions, providing an additional layer of operational security.
colourful-background-patterns-7 Enhanced Key Usage Control with TSB Utilize TSB to manage and enforce complex approval policies, integrating with HSMs to ensure key usage and transaction approvals comply with complex policies and strict time-based restrictions.

Related Products

device-hsm-colourful Primus HSM Overview Gain Full sovereignty over your data with Securosys Primus HSM, ensuring the utmost security standards 3D-sphere-blocks-colourful Primus Blockchain HSM Enhancing blockchain security and crypto asset protection key-hand-b&w Smart Key Attributes Fortifying your encryption keys security with Smart Key Attributes cloudhsm-alps-locket-colourful CloudHSM CloudHSM provides a seamless, secure, and cost-effective path to achieving full compliance with data security requirements and regulations
device-hsm-colourful Primus HSM Overview Gain Full sovereignty over your data with Securosys Primus HSM, ensuring the utmost security standards
3D-sphere-blocks-colourful Primus Blockchain HSM Enhancing blockchain security and crypto asset protection
key-hand-b&w Smart Key Attributes Fortifying your encryption keys security with Smart Key Attributes
cloudhsm-alps-locket-colourful CloudHSM CloudHSM provides a seamless, secure, and cost-effective path to achieving full compliance with data security requirements and regulations
device-hsm-colourful Primus HSM Overview Gain Full sovereignty over your data with Securosys Primus HSM, ensuring the utmost security standards
3D-sphere-blocks-colourful Primus Blockchain HSM Enhancing blockchain security and crypto asset protection
key-hand-b&w Smart Key Attributes Fortifying your encryption keys security with Smart Key Attributes
cloudhsm-alps-locket-colourful CloudHSM CloudHSM provides a seamless, secure, and cost-effective path to achieving full compliance with data security requirements and regulations
device-hsm-colourful Primus HSM Overview Gain Full sovereignty over your data with Securosys Primus HSM, ensuring the utmost security standards
3D-sphere-blocks-colourful Primus Blockchain HSM Enhancing blockchain security and crypto asset protection
key-hand-b&w Smart Key Attributes Fortifying your encryption keys security with Smart Key Attributes
cloudhsm-alps-locket-colourful CloudHSM CloudHSM provides a seamless, secure, and cost-effective path to achieving full compliance with data security requirements and regulations
device-hsm-colourful Primus HSM Overview Gain Full sovereignty over your data with Securosys Primus HSM, ensuring the utmost security standards
3D-sphere-blocks-colourful Primus Blockchain HSM Enhancing blockchain security and crypto asset protection
key-hand-b&w Smart Key Attributes Fortifying your encryption keys security with Smart Key Attributes
cloudhsm-alps-locket-colourful CloudHSM CloudHSM provides a seamless, secure, and cost-effective path to achieving full compliance with data security requirements and regulations