HSM Virtualization and Multitenancy: Strategies and Considerations (G20a)
Virtualization and multitenancy are a common technologies that have been used across IT ecosystems for decades, but can those same principles be applied to hardware security modules (HSM)? This has long been debated in the industry, and it’s clear in 2022 that anyone involved in the design, development, certification, or use of cryptographic modules must be equipped to answer this question. The speaker will review the state of HSM virtualization and multitenancy, focusing specifically on aspects relevant to cryptographic module designers, firmware developers, certification body representatives, and end users. This talk will cover the technical foundations of HSM virtualization, drivers for its growing use across the industry, a comparison of common multitenancy implementation styles, and compliance considerations for both payments and general-purpose environments. Attendees will learn how to assess the impact of HSM virtualization technology alongside their compliance goals, evaluate associated architectural and strategic impacts, and implement best practices for protecting sensitive data in multi-tenant environments.