Default banner

  • Overview
  • Specifications
  • Features

java hsmJava Web Application Security Highlights:

SafeNet Java HSM – formerly Luna SP – provides a secure platform for the deployment of Web applications, Web services, and Java applications that require the highest levels of trust by combining a standard application server platform and a dedicated hardware security module (HSM) within a single security appliance.

Download the Product Brief


Java Web Application Security Highlights:

Standard Tools for Rapid Development

SafeNet Java HSM supports the J2S development environment and is pre-populated with standard tools to simplify application development. A Web server, SOAP stack, and J2SE compliant XML Web service container are preinstalled and optimized to support XML and Web services applications running on SafeNet Java HSM.

Custom applications can be developed quickly and easily, simplifying design and testing, shortening development cycles, and eliminating the need for propriety development funds.


Protected Application Environment

Applications installed on SafeNet Java HSM execute within a protected application container to ensure that application code and system code are isolated. Applications executing within this trusted environment have exclusive access to the SafeNet Java HSM through a policy layer separating the application from the HSM.


Secures Applications and Their Cryptographic Keys

SafeNet Java HSM increases application security by providing a trusted execution environment that protects an application’s sensitive software components and cryptographic keys from physical, logical, and operational threats.

Customer-provided application code is digitally signed and securely installed on the SafeNet Java HSM to assure code integrity and prevent the execution of unauthorized applications. SafeNet Java HSM features an integrated FIPS 140-2, Level 3 validated HSM that provides hardware protection for cryptographic keys and processes.


Auditing, Authentication, and Policy Control

Split administrative roles, including M of N multi-person authentication, and flexible security policy management, maintain tight control over sensitive administrative functions, including code loading and management of cryptographic keys. Rigorous logging features monitor access and cryptographic key usage.



Java Services  

  • Java J2SE (JVM)
  • Xerces (XML parsing)
  • Apache Tomcat (Application and Webserver)
  • Apache Axis (SOAP)


  • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
  • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
  • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
  • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)

Crytographic APIs  PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL

Rack Mountable  Standard 19" EIA rack mount chassis (1U height)

Dimensions  19.0” x 20.6” x 3.45” (482.6mm x 523.2mm x 87.7mm)

Weight  35lb (15.9kg)

Input Voltage  100-240V, 50-60Hz

Power Consumption  180W maximum, 155W typical

Temperature  Operating 0° to 40°C

Relative Humidity  5% to 95% (38°C) non-condensing

Certifications  FIPS 140-2 Level 2 and Level 3


  • UL, CSA, CE
  • FCC, KC Mark, VCCI, CE
  • RoHS, WEEE

Management  M of N support for division of command

Request More Info

Download the Product Brief

SafeNet Java HSM for Web Applications Security

Sample Use Cases:

Green Cryptographic Key Icon

  • PKI key generation & key storage storage (online CA keys & offline CA keys)
  • Certificate validation & signing
  • Document signing
  • Transaction processing
  • Database encryption
  • Smart card issuance


  • Two factor authentication – including multi-level access control
  • Protected application execution environment
  • Signed code prevents unauthorized execution
  • Application auto restart
  • Standard tools for rapid development
  • Connects to standard TCP/IP (Internet Protocol) networks
  • Integrated SafeNet K5 cryptographic engine is capable of up to 5,500 transactions per second to eliminate cryptographic processing bottlenecks


  • SafeNet Java HSM can be deployed anywhere on the network
  • Leverages standard Java development tools for easy programmability
  • Facilitates development of custom applications
  • Optimized to support XML and Web Services applications
  • Reduces system overhead
  • Prevents unauthorized execution

Request More Info

Download the Product Brief