Home >

Configuration Guide > Creating an Application Partition in the HSM

  
Creating an Application Partition in the HSM

In a previous chapter, you initialized the HSM, establishing ownership and administrative oversight by an entity called the HSM Security Officer, using the authentication method that is supported by your HSM (password-authenticated or PED-authenticated). In this chapter, you establish a separate space in the HSM for use by your cryptographic applications - for creation, storage, and use of cryptographic keys and objects.

Two variables come into play, to determine which set of instructions should apply to your HSM and application partition:

the type of authentication used by your HSM, and therefore by any application partitions (which was decided when you purchased the HSM), and  

the style of partition that you are about to create (discussed in the next section).   

Choose Partition Type

The options are:

Legacy-style application partitions are owned and administered by the HSM SO, who retains complete control.

PPSO-style application partitions each have their own SO, independent of the HSM SO, and all administrative control, except partition deletion, resides with the Partition SO

Legacy-style Partitions

Choose the authentication method that applies to your HSM.

See Create a Legacy Password-authenticated Application Partition   .   

See Create a PED Authenticated Legacy-style Application Partition (f/w pre-6.22.0).   

Per-Partition SO (PPSO) Partitions

For an overview of the procedure to set up a PPSO partition, see About Configuring an Application Partition with Its Own SO  .