In today’s internet-run society, webpage owners face a unique challenge to protect their users’ data. This data is usually stored and encrypted on the web server responsible for the page using an encryption key, but how can owners be sure these encryption keys won’t fall into the wrong hands? When encryption keys are stored in an HSM, the data on the server is safe from unauthorized decryption. The server itself can also work more efficiently and quickly without the added consideration of the encryption key storage.
Futurex HSMs can work together with a program called Apache Tomcat to protect server encryption keys and manage server data. According to the Apache Tomcat website, “the Apache Tomcat software is an open source implementation of the Java Servlet, Java Server Pages, Java Expression Language, and Java Web Socket technologies. Apache Tomcat software powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations.” Apache Tomcat is used along with Java Servlet to serve up functional libraries in Java.
When combined with a Futurex HSM, Apache Tomcat simplifies private key storage on the HSM and allows for decrypting and processing TLS handshakes on the server. In this process, the Futurex HSM provides a FIPS 140-2 Level 3 validated platform to store encryption keys, and Apache Tomcat requests those keys as needed. Apache Tomcat handles the cryptographic processes for the server, but the encryption keys themselves are never stored in the clear. Instead, they are secured within the tamper-evident and tamper-responsive boundaries of the HSM.
Configuring a Futurex HSM with Apache Tomcat is simple because Tomcat supports PKCS #11 libraries, eliminating the need for application development. Futurex is releasing an Apache Tomcat Integration Guide intended to provide information regarding TLS handshake offloading and the configuration of Tomcat with Futurex HSMs. By following this step-by-step guide, Futurex HSM users can quickly and easily configure their devices.
If you’re interested in configuring Apache Tomcat with your Futurex HSM, request to download the Futurex Apache Tomcat Integration Guide. If you have any questions, don’t hesitate to reach out to our Solutions Architects for help.
For more information on how Futurex HSMs protect and secure some of the world’s most sensitive data, contact our Solutions Architects, available 24x7x365. For more information on Apache Tomcat, visit their page.