Još 149,00 EUR do besplatne dostave!
Strojni varnostni modul Yubico YubiHSM v2.1, USB-A
Strojni varnostni modul Yubico YubiHSM v2.1, USB-A Strojni varnostni modul Yubico YubiHSM v2.1, USB-A

Strojni varnostni modul Yubico YubiHSM v2.1, USB-A

Yubico
5060408461976
292
FLAYUB016
Brand: Yubico
Crtični kod: 5060408461976
SKU kod: 292
Korisnički kod: FLAYUB016
Garancija: 1 godina
Not in stock
Availability: about 14 dana
OutOfStock
649,95 EUR

Product details

Temelj zaupanja za strežnike in računalniške naprave

YubiHSM 2 je izjemen strojni varnostni modul za strežnike in IoT naprave, ki ponuja napredno zaščito digitalnih ključev po ceni, dostopni za vse organizacije. Omogoča najvišji nivo varnosti pri generiranju, shranjevanju in upravljanju digitalnih ključev. Podpira širok nabor okolij in aplikacij.

Varno shranjevanjevanje in upravljanje ključev

Ustvarite, uvozite in shranite ključe, nato pa izvedite kriptografske operacije na HSM, da ključe zaščitite pred krajo. Zaščita vključuje tako logične, kot tudi fizične napade na strežnik.

Izjemne kriptografske zmožnosti

YubiHSM 2 podpira zgoščevanje (hashing), šifriranje ključa (key wrapping), asimetrično podpisovanje in postopke dešifriranja, med drugim napredno podpisovanje z ed25519.

Varna seja med HSM in aplikacijo

Integriteta in zasebnost ukazov ter promet med HSM in aplikacijami so varovani s skupno potrjenim, zaupnim tunelom.

Nadzor dostopa do ključev preko dodeljevanja vlog

Vsi šifrirni ključi in ostale komponente v HSM pripadajo eni ali več varnostnim domenam. Pravice dostopa so dodeljene za vsak avtentikacijski ključ ob izdelavi, kar omogoča izvajanje določenih operacij v posamezni domeni. Administratorji dodelijo pravice do ključev glede na potrebe uporabe.

16 sočasnih povezav

Več aplikacij lahko hkrati vzpostavi seje z YubiHSM za izvajanje kriptografskih postopkov. Seje se lahko avtomatično prekinejo ob neuporabi ali pa jih pustimo delovati, da nam ob naslednji uporabi ni potrebno čakati na vzpostavitev.

Deljenje preko omrežja

YubiHSM 2 lahko s pomočjo aplikacij na strežnikih uporabljamo prek omrežja. Ta funkcionalnost je predvsem uporabna na fizičnih strežnikih, ki gostijo virtualke.

Oddaljeno upravljajanje

Enostavno lahko oddaljeno dostopate do več nameščenih YubiHSM v celotnem podjetju.

Unikatna "Nano" oblika, nizka poraba energije

Yubicova "Nano" oblika omogoča, da se YubiHSM 2 popolnoma skrije v USB-A priključek. Poleg tega porablja izredno malo energije (maksimalen tok je 30 mA).

"M od N" pravila za varnostno kopiranje ključev

Varnostno kopiranje in nameščanje šifrirnih ključev na več HSM-jev je pomembno pri varnostni arhitekturi v podjetju. Tvegano pa je, da to zmožnost dodelimo samo eni osebi. YubiHSM zato podpira nastavitev "M od N" pravil za šifriran ključ (wrap key), ki ga uporabimo za izvoz ključev za varnostno kopijo in prenos. Tako je potrebnih več administratorjev za uvažanje in dešifriranje ključa, da je potem uporaben na dodatnih HSM-jih.

Vmesniki preko YubiHSM KSP, PKCS#11 in izvornih knjižnic

Aplikacije za šifriranje lahko YubiHSM uporabljajo preko Yubico Key Storage Provider za Microsoft CNG ali industrijskega standarda PKCS#11. Na voljo so tudi izvorne knjižnice na Windows, Linux in macOS za bolj neposredno interakcijo z napravo.

Beleženje dogodkov

YubiHSM beleži vse dogodke upravljanja in šifrirnih operacij, ki se pojavijo na napravi. Dogodke lahko izvozimo, mogoče pa je tudi videti, če so bili zapisi spremenjeni ali izbrisani.

Tehnične podrobnosti

Podpora za operacijske sisteme (amd64 arhitektura)

  • Linux: CentOS 6, CentOS 7, Debian 8, Debian 9, Fedora 25, Ubuntu 1404, Ubuntu 1604
  • Windows: Windows 10, Windows Server 2012, Windows Server 2016
  • macOS: 10.12 Sierra, 10.13 High Sierra

Kriptografski vmesniki

  • Microsoft CNG (KSP)
  • PKCS#11 (Windows, Linux, macOS)
  • Native YubiHSM Core Libraries (C, python)

Kriptografske zmogljivosti

Zgoščevanje (hashing - uporaba s HMAC in asimetričnimi podpisi)

  • SHA-1, SHA-256, SHA-384, SHA-512

RSA

  • 2048, 3072 in 4096 bitni ključi
  • Podpisovanje z uporabo PKCS#1v1.5 in PSS
  • Dekripcija z uporabo PKCS#1v1.5 in OAEP

ECC (Elliptic Curve Cryptography)

  • Krivulje: secp224r1, secp256r1, secp256k1, secp384r1, secp521r, bp256r1, bp384r1, bp512r1, curve25519
  • Podpisovanje: ECDSA (vse razen curve25519), EdDSA (samo curve25519)
  • Dekripcija: ECDH (vse razen curve25519)

Šifriran ključ (key wrap)

  • Uvoz in izvoz z uporabo NIST AES-CCM Wrap pri 128, 196 in 256 bits

Naključne številke

  • On-chip True Random Number Generator (TRNG) uporabljen za seed NIST SP 800-90 AES 256 CTR_DRBG

Overjanje

  • Asimetrične ključe, ustvarjene na napravi, lahko overimo s certificiranim overitvenim ključem in certifikatom ali z uporabo svojega ključa in certifikata, uvoženega v HSM.

Zmogljivost

Zmogljivost je odvisna glede na uporabo. Software Development Kit vključuje orodja, ki jih lahko uporabite za dodatne meritve.

Meritve prostega YubiHSM 2:

  • RSA-2048-PKCS1-SHA256: ~139ms avg
  • RSA-3072-PKCS1-SHA384: ~504ms avg
  • RSA-4096-PKCS1-SHA512: ~852ms avg
  • ECDSA-P256-SHA256: ~73ms avg
  • ECDSA-P384-SHA384: ~120ms avg
  • ECDSA-P521-SHA512: ~210ms avg
  • EdDSA-25519-32Bytes: ~105ms avg
  • EdDSA-25519-64Bytes: ~121ms avg
  • EdDSA-25519-128Bytes: ~137ms avg
  • EdDSA-25519-256Bytes: ~168ms avg
  • EdDSA-25519-512Bytes: ~229ms avg
  • EdDSA-25519-1024Bytes: ~353ms avg
  • AES-(128|192|256)-CCM-Wrap: ~10ms avg
  • HMAC-SHA-(1|256): ~4ms avg
  • HMAC-SHA-(384|512): ~243ms avg

Kapaciteta pomnilnika

  • Vsi podatki so shranjeni kot objekti. 256 prostorov za objekte, največ 128KB.
  • Shrani lahko do 127 rsa2048, 93 rsa3072, 68 rsa4096 ali 255 kateregakoli  ECC tipa, če je prisoten le en avtentikacijski ključ.
  • Tipi objektov: Avtentikacijski ključi (za vzpostavitev seje), asimetrični zasebni ključi, binarni podatkovni objekti, npr. x509 certifikati, šifrirani ključi, HMAC ključi.

Upravljanje

  • Skupna avtentikacija in varni tunel med aplikacijami in HSM
  • "M od N" pravila preko YubiHSM Setup Tool

Software Development Kit

Software Development Kit je na voljo na Yubicovi spletni strani in vsebuje:

  • YubiHSM Core Library (libyubihsm) for C, Python
  • YubiHSM Shell (Configuration CLI)
  • PKCS#11 Module
  • YubiKey Key Storage Provider (KSP) za uporabo z Microsoftom
  • YubiHSM Connector
  • YubiHSM Setup Tool
  • dokumentacijo in primere kode

Fižične lastnosti

  • Velikost: 12 x 13 x 3,1 mm
  • Teža: 1 g
  • Tok: povprečno 20mA, 30mA največ
  • USB-A priključek

Opis

Yubico YubiHSM 2 je strojni varnostni modul (HSM - Hardware Security Module), ki ponuja napredno šifriranje, med drugim zgoščevanje ter simetrično in asimetrično šifriranje s ključi. Omogoča zaščito pomembnih aplikacij, identitet in drugih občutljivih podatkov v podjetjih, ki se ukvarjajo s certifikati, podatkovnimi bazami, podpisovanjem kode itd. Do YubiHSM 2 lahko dostopamo z aplikacijami preko Windows KSP, industrijskega standarda PKCS#11 ali izvornih OS knjižnic. Ultra-tanka oblika omogoča, da se ključek popolnoma skrije v USB-A vhod.

Specifikacije

Tip naprave Varnostni USB ključek
Tip priklopa USB-A

In addition to mandatory cookies, we also use analytical and advertising cookies, as well as social network cookies on the Eventus Sistemi website.

If you agree with this, please click on the I ACCEPT button. For a detailed description and in order to set the use of individual cookies, click on the COOKIE SETTINGS link.

Postavke kolačića
×
Managing cookies on the Eventus Sistemi website
Mandatory cookies

are cookies that are essential for the proper functioning of the website, whereby the transmission of information in the communication network would not be possible without them. These cookies are also necessary in order for us to offer you the services, which are available on our website. They allow you to log in to the user profile, select the language, agree to the terms and conditions and identify the session of the user. We are not obliged to obtain consent for their use.

Analytical cookies

These cookies help us understand how our visitors use our website. They help us improve the user experience and identify user requirements and trends. We only use these cookies if you have explicitly consented to their use.

Advertising cookies

Third-party plug-ins and tools used as cookies enable various functionalities to work, help us analyse the frequency of visits and how the website is used. If an individual does not agree to the use of these cookies, they will not be installed, while it may however happen, that some interesting features of the website will not be available. We only use these cookies if you have explicitly consented to their use.

Social network cookies

These cookies make it possible for us to provide content for posts on social media and record your actions so that we may provide a more personal and enhanced user experience. We use these cookies only if you are logged into a Twitter, Facebook or Google user account when using the website.

1. General information about cookies 1.1. What are cookies?

Cookies are small text files that most modern websites store on the devices of their visitors, i.e. people who access certain websites on the Internet with their devices. The storing of cookies is under the complete control of the user, since users can easily configure their browser to restrict or disable the storage of cookies.

While visiting the website and its subpages and performing operations on the website, your computer, phone or tablet, automatically or after gaining your explicit consent, stores certain cookies through which various data can be recorded.

1.2. How do they work and why we use them?

Each visitor or shopper is assigned a cookie in order to identify him and ensure traceability at the beginning of each use of the online store. The servers provided to the company by the subcontractor automatically collect data on how visitors, shop owners or shoppers use the online store and store this data in the form of an activity log.

The servers store information about the use of the online store, statistics and IP numbers. Data on the use of the online store by shoppers can be used by the company for compiling anonymous statistics that help us improve the user experience as well as market products and / or services through an online store.

Indirectly and upon obtaining consent, the online store may also store external service cookies on the visitor's or shopper's device (e.g. Google Analytics) which are used to collect data on website visits. Regarding external services, the rules and general conditions on the processing of personal data, which are available at the links below, apply.

2. Permission to use cookies

If the settings of the browser with which you visit the website are such, that they accept all cookies, it means that you agree to their use. In case you do not want to use cookies on this website or you want to remove them, you may follow the procedure below. Removing or blocking cookies may result in suboptimal performance of this website.

3. Mandatory and optional cookies and your consent 3.1. We are not required to gain your consent for the use of mandatory cookies:

Mandatory cookies are cookies, that are essential for the proper functioning of the website, whereby the transmission of information in the communication network would not be possible without them. These cookies are also necessary in order for us to offer you the services, which are available on our website. They enable login into the user profile, language selection, agreeing to the terms and conditions and user session identification.

3.2. Cookies that are not necessary for the normal operation of the website, and for which we are obliged to obtain your consent (optional cookies):

Analytical cookies

These cookies help us understand how our visitors use our website. They help us improve the user experience and identify user requirements and trends. We only use these cookies if you have explicitly consented to their use.

Advertising cookies

Third-party plug-ins and tools used as cookies enable various functionalities to work, help us analyse the frequency of visits and how the website is used. If an individual does not agree to the use of these cookies, they will not be installed, while it may however happen, that some interesting features of the website will not be available. We only use these cookies if you have explicitly consented to their use.

Social network cookies

These cookies make it possible for us to provide content for posts on social media and record your actions so that we may provide a more personal and enhanced user experience. We use these cookies only if you are logged into a Twitter, Facebook or Google user account when using the website.

4. How to manage cookies?

You can manage cookies by clicking on the "Cookie settings" link in the footer of the website.

You can also control and change cookie settings in your own web browser.

In case you want to delete cookies from your device, we advise you to follow the described procedures, by doing so, you will most likely limit the functionality of not only our website but also most other websites, as the majority of modern websites use cookies.