HSM

A hardware security module (HSM) is a physical device that manages digital keys and performs cryptographic operations in a secure, tamper-resistant environment. By isolating keys from general-purpose servers, HSMs reduce exposure to theft or misuse and provide strong protection for keys used in authentication, encryption, and digital signing.

HSMs securely generate, store, and handle cryptographic keys and execute operations such as encryption, decryption, digital

Deployment models vary: on-premises network-connected HSMs and PCI HSMs used by card processors; cloud-based HSM services

Common use cases include securing root keys for PKI and certificate authorities, protecting TLS keys, encrypting

Standards and compliance: many HSMs are evaluated to FIPS 140-2 or FIPS 140-3, and/or Common Criteria. They