US 12,333,023 B2
In-band class of service signaling for cryptographic services on an HSM
Ranga Anumulapally, Pembroke Pines, FL (US); Wayne Reed, Kemptville (CA); and Marc Boillot, Plantation, FL (US)
Assigned to THALES DIS CPL USA, INC., Austin, TX (US)
Filed by THALES DIS CPL USA, INC., Austin, TX (US)
Filed on Dec. 2, 2022, as Appl. No. 18/073,808.
Prior Publication US 2024/0184896 A1, Jun. 6, 2024
Int. Cl. H04L 9/00 (2022.01); G06F 21/60 (2013.01); G06F 21/85 (2013.01)
CPC G06F 21/602 (2013.01) [G06F 21/604 (2013.01); G06F 21/85 (2013.01)]
14 Claims
1. A Hardware Security Module (HSM) exposing an API to establish a Class of Service (CoS) on cryptographic transactions requested from at least one Crypto API Client, the HSM 101 comprising:
a Main Processor hosting an HSM app exposing said API to said at least one Crypto API Client, the API providing:
a first API method to handle a Class of Service (CoS) attribute of the at least one Crypto API Client via in-band signaling for a desired cryptographic service;
wherein the CoS attribute signals a higher level of service for time-sensitive and high priority requests processing the cryptographic transactions on the HSM; and
a Security Processor specialized to accelerate processing of said cryptographic transactions on the HSM 101 based on the Class of Service (CoS) attribute;
wherein the Main Processor comprises a software (SW) CoS Manager to logically prioritize and queue the API requests from the connection threads in the Connection Thread Pool that terminate TCP/TLS connections to API processing threads in an API processing thread pool, whereby
each API processing thread is assigned to handle the cryptographic transactions associated with said desired cryptographic service, and determine from the CoS attribute and the cryptographic transactions whether to fulfill the cryptographic transactions in software on the main processor or via hardware prioritization via the Security Processor,
wherein the at least one Crypto API Client is communicatively coupled to the HSM over the TCP/TLS secure communication channel to an internet protocol (IP) address and port.
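
The queueing and routing role the claim gives the SW CoS Manager can be sketched as follows. This is an added illustration, not code from the patent or from Thales. The CoS levels, operation names, routing policy, and all class and function names are assumptions made for the example.

```python
import heapq
import itertools
import threading
from dataclasses import dataclass, field

# Assumed CoS levels (lower value is served first); the claim only says the
# attribute signals a higher level of service for time-sensitive requests.
COS_HIGH, COS_NORMAL, COS_LOW = 0, 1, 2
# Assumed set of operations the Security Processor accelerates.
HW_OPS = {"rsa_sign", "ecdsa_sign"}

@dataclass(order=True)
class Request:
    cos: int                       # in-band CoS attribute sent by the client
    seq: int                       # arrival order, keeps FIFO within one class
    op: str = field(compare=False)
    client: str = field(compare=False)

class CoSManager:
    """Queue between connection threads (producers) and API processing threads."""
    def __init__(self):
        self._heap, self._seq = [], itertools.count()
        self._cv = threading.Condition()

    def submit(self, client, op, cos=COS_NORMAL):
        # The attribute is client-supplied: an unknown value is treated as
        # normal so a malformed request cannot jump ahead of the queue.
        if cos not in (COS_HIGH, COS_NORMAL, COS_LOW):
            cos = COS_NORMAL
        with self._cv:
            heapq.heappush(self._heap, Request(cos, next(self._seq), op, client))
            self._cv.notify()

    def take(self, timeout=None):
        """Called by an API processing thread; returns None on timeout."""
        with self._cv:
            if not self._cv.wait_for(lambda: self._heap, timeout):
                return None
            return heapq.heappop(self._heap)

def route(req):
    """Assumed policy: only high-CoS, accelerable operations go to hardware."""
    if req.cos == COS_HIGH and req.op in HW_OPS:
        return "security_processor"
    return "main_processor"

def drain(mgr):
    """Single-threaded stand-in for the API processing thread pool."""
    out = []
    while (req := mgr.take(timeout=0)) is not None:
        out.append((req.client, req.op, route(req)))
    return out
```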