Internal hardware security module (HSM) deployment model
The internal hardware security module (HSM) deployment model incorporates an internal HSM with each OneSpan Authentication Server instance. The HSM performs EMV-CAP authentication and transaction validation–related cryptographic processing. HSM requests are performed on the OneSpan Authentication Server instance that initiates the request.
Figure: Internal HSM deployment model
Performance
Higher performance is achieved with the use of the third-party load balancer directing authentication requests to two primary OneSpan Authentication Server instances. Database load sharing to dedicated database servers is configured in each OneSpan Authentication Server instance. A dedicated audit database is used for auditing and reporting. Administration is performed via the backup OneSpan Authentication Server instance, thus minimizing the load on the primary servers.
An internal HSM device may affect performance, depending on the number and performance of your HSM devices. Internal HSM devices are less likely to affect performance than external HSM devices.
Availability
Availability of the system is maximised by allowing the third-party load balancer to handle load balancing and failover between primary OneSpan Authentication Server instances. Additionally, each primary OneSpan Authentication Server instance is configured to fail over to a backup OneSpan Authentication Server instance.
A backup database server is used, and each OneSpan Authentication Server instance is configured to connect to it automatically if the primary database server is not available.
OneSpan Authentication Server
This model uses two primary OneSpan Authentication Server instances, two backup OneSpan Authentication Server instances, and one dedicated OneSpan Authentication Server instance for administration, auditing, and reporting.
Data is stored on dedicated database servers.
Administration
All administrative operations are performed on the administration server.
Long-running operations can be performed without directly affecting the performance of the servers that handle authentication requests (these administrative operations add only replication load on the commercial database servers).
The administration scenario can be disabled on both the primary servers and the backup servers to exclude administrative load from them. This is done via the Administration Web Interface.
Replication
Commercial replication is enabled between database servers. OneSpan Authentication Server replication is disabled.
Auditing
Auditing data should be written to databases at each site. The data should be imported to the master auditing database at the administration site on a regular basis.
Reporting
Deployment steps
To set up the internal HSM deployment model
- Install a commercial database on each dedicated database server, and modify the schema as needed.
- Set up replication between the databases.
- Install and configure the HSM.
- Install OneSpan Authentication Server on each primary and backup server, using the Advanced installation option.
- Configure database load sharing on each OneSpan Authentication Server instance.
- Install a database on the audit server.
- Set up auditing as required.
- Configure reporting as required.
- Make auditing data available for reporting, i.e. schedule a merge of the primary servers' audit data with the backup servers' audit data using the Maintenance Wizard.