Hardware security modules for Windows Server 2008

Hardware security modules play a vital role in providing incremental security capabilities for business applications. In many industries the use of HSMs is either specifically mandated or is a well established best practice for protecting processes that employ cryptography. These business critical processes include encryption and digital signing and other public key operations based on PKI. In these cases, the HSM provides a trusted, tamper resistant environment where cryptographic keys can be used, stored and managed securely.

The Windows Server platform is one of the most widely deployed operating systems within corporate data centers and is used to host numerous security oriented core business functions such as data protection, strong authentication, digital rights management, collaboration and email services and internet communications. Driven by increasingly stringent data protection and privacy mandates, these functions are becoming more prolific and the security attributes of these systems now incur much greater scrutiny. Therefore, the ease with which these systems can utilize the security properties of an HSM becomes paramount.

Windows Server 2008 software certification consists of approximately 100 test cases that independently confirm an application’s compliance with best practices for compatibility, security, reliability and availability on the new platform. The certification identifies top-performing technologies that are ready to deploy in mission-critical environments. As a participant in the Microsoft Early Access Program (EAP) for Windows Server 2008 Software Certification, nCipher’s netHSM and nShield were eligible for certification on a pre-release version of the new platform.