Yep, that's the sort of info I was after - non-sticker price costs :) OK, several to six months FTE or mm. That feels about right.

I'm not sure about the outsourcing bit. What does it mean to preserve your secrets in a HSM and then hand the HSM over to the care of someone else... ? I'm not ruling it out, it's just that we seem to have a strange confluence of contrary objectives :)

iang


On 11/04/12 00:12 AM, Von Welch wrote:
Ian,

  I've led or been involved with several projects in academia that have used 
HSMs as a basis for a CA. I can't say I've done a cost analysis at the level of 
granularity you seem to be looking for, but I will say that at a high-level, 
the added personnel costs of integrating and maintaining an HSM have been the 
dominant factor in my experience.

  I estimate several-to-six (depending on the experience of the staff) 
additional FTE*months to understand the HSM (documentation always seems 
lacking) and get it working with our security libraries (OpenSSL typically). 
Maintenance is painful for a one-off since the HSM is this completely unique 
hardware and software system sitting in ones infrastructure, so that is a 
significant fraction of a person plus a small fraction of a second for backup 
(vacations, continuity, etc.).

  We did a second site redundant HSM-based CA once and it was a lengthy process 
mainly due to the staff there having to come up to speed on the HSM, again 
several FTE*months.

  I try to avoid this now and in my most recent project we're outsourcing this 
to a commercial vendor and it's my expectation the initial legal/policy issues 
with that route will be less painful than the HSM technical issues and then 
maintenance will be simpler.

Von



On Apr 10, 2012, at 2:26 AM, ianG wrote:

Does anyone have any estimates for the project cost of employing HSMs at a 
single task?  (e.g., protecting / deploying a single secret, not a network of 
them.)

I'm not looking for sticker prices but project costings, including: spare 
devices, programming, work-throughs and transfers, documentation, testing 
recovery paths, training, maintenance contracts, upgrades, etc.

In comparison to the null project, not using them (e.g., using straight servers 
in locked racks etc).

tia,

iang
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography


_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to