+1 613 254 5456
adjust font size Increase Font Size Reset Font Size Decrease Font Size

가상 보안 모듈

Software developers dealing with keys and other secrets often rely on simplistic protection of these values through simplistic mechanisms such as folder permissions. This leaves these credentials open to an easy hack. In some cases, secrets may have enough value (such as an RSA or ECC private key for e-commerce) that an expensive hardware security module (HSM) needs to be used. For many applications however, a well-constructed software system designed to hide keys and secrets can be a cost-effective solution. Elliptic offers this capability through the ESS-07 Virtual Security Module.

Ellipsys-VSM is part of the Ellipsys Trust Framework which is Elliptic’s solution to help device manufactures and system providers protect their product from tampering, cloning, and other threats.

Ellipsys-VSM is a Virtual Security Module (VSM) that offers software based cryptographic services, similar to a Hardware Security Module (HSM), to support a range of solutions for digital identity and transactional security applications. It is a “software smart card” used to secure embedded secrets in software systems and has the capability to manage and protect sensitive information such as keys and credentials for system applications executing on embedded platforms.

Ellipsys-VSM supports a wide range of protected key management services such as secure key generation, storage, archiving, cloning, and secure migration of key material. The solution optionally provides acceleration for public-key operations via Elliptic or third party hardware offload engines.
Ellipsys-VSM can work as a standalone solution or in tandem with other Ellipsys Trust Framework companions, such as Ellipsys-SB and Ellipsys-CA.

 

Features

  • Management and protection of sensitive information like keys and certificates
  • Secure generation, storage , archiving, cloning and migration of key material
  • Highly configurable and flexible architecture
  • Supports industry standards and protocols
  • Support for hardware acceleration and CPU offload
  • Linux and ANSI-C based Builds on generic ARM, PPC, X86 platforms

 

Benefits

  • Highly configurable, flexible and reliable
  • NIST CAVP Certified
  • Optimized for size and performance
  • GPL-Free Code
  • Platform/OS agnostic
  • Significantly reduces development cycles
  • Optional support for hardware acceleration and offload for embedded processors

Applications

  • Anti-cloning and anti-counterfeiting
  • Anti-tampering
  • Key exchange (IPsec IKE)

Downloads
Product Brief: ESS-07 Virtual Security Module

주요 제품

mediaETS-020: tVault HDCP 2.2
A proven HDCP-based content protection solution that provides robust security inside Trusted Execution Environments (TEEs) and enforces the protection of sensitive information to ensure that it is stored, processed and accessed only by authorized applications.The solution integrates seamlessly within frameworks such as ARM TrustZone™, where the critical security components are embedded in a trusted and secure OS environment. The non-critical components are executed by the rich OS, such as Android.

towerCLP - 630: 멀티 패킷 관리자 보안 엔진
고기능적이고 독특한 보안 프로토콜 가속기는 고용량 무선 및 네트워크 응용 소프트웨어의 데이터를 효율적으로 처리하기 위해 특별히 설계되었습니다. 이 엔진은 여러 활성 연결 및4G LTE - 고급 무선 셀룰러 기지국과 펨토셀 등 다양한 내용의 상당한 트래픽 로드를 다루는 응용 소프트웨어에 완벽히 적합합니다.