TRIDENT HSM is the first hardware security module (HSM) in the world to combine high-level hardware security and multi-party computation in order to provide the highest level of data protection required in business.
The unique and revolutionary solution developed by i4p, a Hungarian company founded by leading cryptography experts, offers exceptional security, authentication and encryption for organizations ranging from SMB’s to large enterprises, including financial institutions that have to comply with the strictest regulations.
PRODUCT OVERVIEW
TRIDENT HSM received the Common Criteria (CC) EAL4+ certification which is the highest level of certification available for HSM modules in Europe.
TRIDENT HSM is easy to integrate and provides multiple functions for different use cases, offering an ideal solution for data protection challenges in several industries including banking and financial services, government and manufacturing as well as data safekeepers and qualified trust service providers.
Large enterprises and small and medium-sized businesses struggle with cybersecurity concerns worldwide on a daily basis while they also have to comply with strict regulations. TRIDENT HSM enables these organizations to ensur e outstanding security for their sensitive data and meet the requirements of the most common standards including GDPR, eIDAS and PSD2.
The core of the solution is the unique and patent pending multi-party computation technology that has never been used in HSM modules before. This revolutionary design is the intellectual property of the founders of i4p, the leading cryptography professionals of the region.
High availability architecture
Due to its distributed architecture, the TRIDENT HSM meets the most demanding availability and load balance requirements. If deployed in geographically dispersed datacenters it is as disaster tolerant as any IT service can be. If placed close to each other together they achieve the highest speed. Regardless of the chosen architecture, the system provides service as one. Any of the appliances/cluster devices is independently capable of communicating with the outside world so extremely high availability and load balance can be achieved.
TRIDENT HSM deploys simply into existing TCP/IP network infrastructures and communicates with other network devices smoothly.
The HSM crypto functionality can be utilized using the industry standard PKCS#11 library, OpenSSL and the proprietary CMAPI interface of the HSM.
CC Evaluated/Common Criteria Certified
TRIDENT HSM has successfully achieved Common Criteria EAL 4+ certification (Evaluation Assurance Level EAL 4 augmented by AVA_VAN.5 and ALC_FLR.3 based on ISO/IEC 18045:2008) meeting the requirements of both the Protection Profile for Cryptographic Module for Trust Services (EN 419221-5) and the Protection Profile for QSCD for Server Signing (EN 419241-2) with strict conformance.
Multi-factor authentication
TRIDENT HSM enables both local and remote users to use multi-factor authentication. Besides passwords, the Time-based One-Time Password (TOTP) mechanism according to RFC 6238 can be enabled for any administrators and users. The necessary TOTP codes can be generated using any standard application, such as the Google Authenticator running on a smartphone.
Easy integration
TRIDENT HSM deploys simply/integrates seamlessly into existing TCP/IP network infrastructures and communicates with other network devices smoothly. The HSM crypto functionality can be utilized using the industry standard PKCS#11 library, JCA/JCE, Microsoft CSP and KSP, OpenSSL and the proprietary CMAPI interface of the HSM. TRIDENT HSM can also communicate directly with security access modules (eg. MIFARE SAM AV2) to enable quick and secure integration into ticketing ecosystems.
Upload local applications/Protected environment
TRIDENT HSM’s integrated/comes equipped with a Tamper Detection Module (TDM) with multiple sensors that monitor the environment for maximal security even when the appliance is not powered. The sensitivity of the TDM sensors can be configured to fit to the unique operating environment of the appliance. Also, TRIDENT HSM allows local client applications (LCAs) to be installed into its protected environment. LCAs run in protected containers to ensure that they are isolated from other LCAs and from the HSM core. LCAs are created using the industry standard Linux Container Framework.
EIDAS Compatibility
The TRIDENT HSM has successfully attained its certification as a Qualified Signature and Seal Creation Device (QSCD) under EU Regulation 910/2014 on Electronic Identification and Trust Services (eIDAS). Thus, it enables Trust Providers to offer both Qualified and non-Qualified services, whether it is to generate, validate and preserve electronic signatures and seals, digital certificates and to satisfy the requirements of PSD2 (Open Banking), GDPR (Data Protection) and other current or future directives. All of this with an unparalleled high level of security.
CRYPTOGRAPHIC APIs
HOST INTERFACE
CERTIFICATIONS
CRYPTOGRAPHY
PHYSICAL CHARACTERISTICS
* PKCS #11 Cryptographic Token Interface Profiles, an OASIS Standard
** OpenSSL is a registered trademark owned by OpenSSL Software Foundation
Our Partner Program was specifically designed to naturally reward the investments you make in selling our solutions, based on your sales performance
Trident HSM combines the high-level hardware security and multi-party computation to provide the highest level of data protection required in business.
The first eIDAS listed Remote Signature Solution with the Signature Activation Module (SAM) coming from the same vendor as the underlying Crypto Module (CM).
A Timestamp Server that ensures the tamper-proof creation and authenticity of timestamps for any purposes, with the reliability provided by the high level of security.
A Signature Formatting Server that is used for higher level signature formatting and a self-contained, fully functional module.
Contact us by filling out our online form
or send us an e-mail at info@i4p.com
Do you need support? For i4p support requests, please send
an e-mail to support@i4p.com or call +36 1 700 1230.
For press and media inquiries,
please send an e-mail to pr@i4p.com
Download this ebook to find out: