Luna HSM integration

This document provides you the steps for integrating SafeNet Authentication Service (SAS) with a Luna HSM. It demonstrates how to configure a SafeNet Authentication Service (SAS) to secure the AES encryption key within a Luna HSM. Thales Luna HSM is an external hardware security module that is available for use with SafeNet Authentication Service (SAS). Luna HSM with SAS is used to secure encryption keys that protect sensitive data. Multiple Luna HSMs can be configured as a High Availability (HA) group with SAS that ensure the availability of encryption keys.

The benefits of using a Luna HSM to generate the encryption key to protect sensitive data for SafeNet Authentication Service (SAS) includes:

• Ensuring secure key generation, storage, and protection through FIPS 140-2 level 3 validated hardware.
• Providing full life cycle management of the keys.
• Maintaining an audit trail through HSM.
• Achieving significant performance enhancements by offloading cryptographic operations from application servers.

Supported platforms

The following platforms are certified for integrating SafeNet Authentication Service with Luna Cloud HSM:

Note

This integration will work properly and will be compatible with any Luna HSM device, provided the Luna HSM device is supported and used in conjunction with a compatible Luna Client.

Luna HSM: Luna HSM appliances are purposefully designed to provide a balance of security, high performance, and usability that makes them an ideal choice for enterprise, financial, and government organizations. Luna HSMs physically and logically secure cryptographic keys and accelerate cryptographic processing.

Luna HSM on-premise offerings include the Luna Network HSM, PCIe HSM, and Luna USB HSMs. Luna HSMs are also available for access as an offering from cloud service providers such as IBM cloud HSM and AWS cloud HSM classic.