Thank you for reading the OneSpan Authentication Suite Server SDK for HSM Module Management Guide for Thales ProtectServer HSM.
Authentication Suite Server SDK for HSM provides an even higher level of security than the software Authentication Suite Server SDK. Authentication Suite Server SDK for HSM consists of the following modules:
- Authentication Suite Server SDK host API
- Authentication Suite Server SDK HSM module
The non-sensitive functionalities of Authentication Suite Server SDK for HSM use the host API without accessing the HSM. The sensitive functionalities use both the host API and the Authentication Suite Server SDK HSM module.
Before using Authentication Suite Server SDK for Thales ProtectServer HSM, you need to upload an Authentication Suite Server SDK HSM module to the Thales ProtectServer HSM. This module is referred to as FM module (functionality module) as it serves as a third-party module extending the functionalities in the HSM.
The Authentication Suite Server SDK for HSM package also contains an Authentication Suite Server SDK for HSM FM module for the Thales ProtectServer 3 product family, in addition to the FM module for previous Thales ProtectServer 2 and ProtectServer versions.
Thales ProtectServer 3 HSM devices and previous Thales ProtectServer 2 and ProtectServer HSM devices have different hardware architectures and therefore require different Authentication Suite Server SDK FM modules.
This document provides information about:
- Authentication Suite Server SDK FM module upload to the HSM
- HSM communication management
- Using the Authentication Suite Server SDK FM module
This document does not provide:
- Information about the functions necessary to implement Digipass strong authentication (refer to the OneSpan Authentication Suite Server SDK C-C++ Programmer's Guide).
- Information about the functions necessary to use Authentication Suite Server SDK with a hardware security module (refer to the OneSpan Authentication Suite Server SDK for HSM C-C++ Programmer's Guide).
- Information about key management (refer to the OneSpan Authentication Suite Server SDK Key Management Guide for Thales ProtectServer HSM)).
This document assumes that you have thorough knowledge of the following products:
- OneSpan Authentication Suite Server SDK for HSM
- Thales ProtectServer hardware security module (Thales ProtectServer Orange/Gold/External/Internal, Thales ProtectServer 2 External/Internal)
- Thales ProtectServer HSM SDK: ProtectToolkit C
As of version 4.0, OneSpan Authentication Server Framework has been renamed to Authentication Suite Server SDK. If not explicitly stated otherwise, any information and references to OneSpan Authentication Server Framework or VACMAN Controller also apply to Authentication Suite Server SDK.