Security Architecture
TSB with OnPremise Primus HSM (Type1)
This architecture provides the flexibility to separate from Securosys's "as a Service" solutions, enabling self-management of the Transaction Security Broker Software and required HSM operations. By keeping everything in your own datacenter, you gain complete control over your architecture, eliminate the need to cross network boundaries, and establish seamless operational inheritance.
TSB Software with HSMaaS in a Shared Environment (Type2)
In this architecture type, a secure environment is established by providing dedicated access to a single partition, even though the HSM is shared among multiple Securosys customers. The advantage of this approach is the reliability, scalability, high availability failover, and load balancing provided by Securosys "as a Service" Solution in managing the HSMs and TSB.
TSB Software with HSMaaS in a dedicated Environment (Type3)
In this architecture, a dedicated HSM per customer (PLATINUM) is operated by Securosys in a Datacenter of the CloudHSM service, offering flexibility in choice. The locally managed REST-API / TSB Software supports end-to-end encryption using mTLS. The CloudHSMaaS solution provides High Availability, cloning mechanisms, and high-quality backups of the key material, ensuring the protection of valuable data. To pursue this architecture, please reach out to our Sales Team to begin the project.