Bank of America Corporation
CENTRALIZED SYSTEM FOR A HARDWARE SECURITY MODULE FOR ACCESS TO ENCRYPTION KEYS

Abstract:

Hardware Security Modules (HSMs) are used to secure data, such as encryption keys. Access to HSMs may be shared across applications, and virtualized to allow the HSMs to generate, store, and provide encryption and decryption processes to various applications when the HSMs are located apart from the particular systems on which the applications are stored. This configuration allows for application owners or developers to easily interface with the HSMs, such that applications may simply request an encryption key from the HSMs, utilize the encryption key for encrypting data, store the encryption key within the HSMs, and/or retrieve the encryption key for decryption without the disadvantages associated with HSMs. Utilizing centralized HSMs improves the efficiency of use, memory storage, and security of the HSMs, due at least in part to allowing application owners and/or developers to interface with HSMs without forcing cryptographic processes that are specific to the application.