Amazon announces new security tool for its cloud services
On its AWS blog, Amazon has announced that AWS CloudHSM, a hardware module for storing keys and certificates, will be added to the security features of its cloud services. The main reason for this is to satisfy the legal and contractual security requirements of AWS customers, said the company.
The component will be integrated into the AWS Virtual Private Cloud and is a tamper-proof Luna Security Appliance that offers FIPS 140-2 Level 3 and CC EAL 4 validation. The appliance's features can be accessed via the PCKS #11, CAPI and Java JCA/JCE security APIs. Amazon says that, by design, only customers will have access to the keys, and that the module will be managed from within the AWS Private Cloud.
AWS CloudHSM will initially be available in the US East (North Virginia) and EU West (Ireland) regions and will, depending on customer demand, also be offered in other regions as the year progresses. In addition to a set-up fee of $5,000, the service will also incur a monthly fee of around $1,300.