Luna SP

Security for Java™ and Web Services Applications

Luna SP provides a secure platform for the deployment of Web applications, Web services, and Java applications that require the highest levels of trust by combining a standard application server platform and a dedicated hardware security module (HSM) within a single security appliance.

Standard Tools for Rapid Development

Luna SP supports the J2S development environment and is pre-populated with standard tools to simplify application development. A Web server, SOAP stack, and J2SE compliant XML Web service container are preinstalled and optimized to support XML and Web services applications running on Luna SP. Custom applications can be developed quickly and easily, simplifying design and testing, shortening development cycles, and eliminating the need for propriety development funds.

Protected Application Environment

Applications installed on Luna SP execute within a protected application container to ensure that application code and system code are isolated. Applications executing within this trusted environment have exclusive access to the Luna SP integrated HSM through a policy layer separating the application from the HSM.

Secures Applications and Their Cryptographic Keys

Luna SP increases application security by providing a trusted execution environment that protects an application’s sensitive software components and cryptographic keys from physical, logical, and operational threats. Customer-provided application code is digitally signed and securely installed on the Luna SP to assure code integrity and prevent the execution of unauthorized applications. Luna SP features an integrated FIPS 140-2, Level 3 validated HSM that provides hardware protection for cryptographic keys and processes.

Auditing, Authentication, and Policy Control

Split administrative roles, including M of N multi-person authentication, and flexible security policy management, maintain tight control over sensitive administrative functions, including code loading and management of cryptographic keys. Rigorous logging features monitor access and cryptographic key usage.

Sample Use Cases

  • PKI key generation & key storage storage (online CA keys & offline CA keys)
  • Certificate validation & signing
  • Document signing
  • Transaction processing
  • Database encryption
  • Smart card issuance

Benefits

  • Luna SP can be deployed anywhere on the network
  • Leverages standard Java development tools for easy programmability
  • Facilitates development of custom applications
  • Optimized to support XML and Web Services applications
  • Reduces system overhead
  • Prevents unauthorized execution

Features

  • Two factor authentication – including multi-level access control
  • Protected application execution environment
  • Signed code prevents unauthorized execution
  • Application auto restart
  • Standard tools for rapid development
  • Connects to standard TCP/IP (Internet Protocol) networks
  • Integrated SafeNet K5 cryptographic engine is capable of up to 5,500 transactions per second to eliminate cryptographic processing bottlenecks

Additional Information

Java Service Environment
Java ServicesJava J2SE (JVM)
Xerces (XML parsing)
Apache Tomcat (Application and Webserver)
Apache Axis (SOAP)
Cryptographic Support
CryptographyAsymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)
Crytographic APIsPKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
Physical Characteristics
Rack MountableStandard 19" EIA rack mount chassis (1U height)
Dimensions19.0" x 20.6" x 3.45" (482.6mm x 523.2mm x 87.7mm)
Weight35lb (15.9kg)
Input Voltage100-240V, 50-60Hz
Power Consumption180W maximum, 155W typical
TemperatureOperating 0°C to 40°C
Relative Humidity5% to 95% (38°C) non-condensing
Security Certifications
CertificationsFIPS 140-2 Level 2 and Level 3
Safety and Environmental Compliance
ComplianceUL, CSA, CE
FCC, KC Mark, VCCI, CE
FCC, KC Mark, VCCI, CE
RoHS, WEEE
Management, Logging, and Monitoring
ManagementM of N support for division of command

Documents

Software

Not Available

Related Products