
I've been attempting to learn about the different features and uses of HSMs, and I keep thinking that someone must have put together a set of design patterns for different ways that HSMs can be used to secure different things.

For example, if we imagine the general situation where an organization needs a job to run once per week, it could be made more secure by configuring the HSM to only allow HSM operations for that job to take place during the hours when that job is scheduled to run (i.e. "time locking"). If HSM operations were requested at any other time, the HSM could send an alert.

Another possible pattern could be to split up your sensitive data into many smaller encrypted files, and then configure your HSM with rate limiting on the number of decryptions that can take place per hour. This would mean that a hacker who compromised your network and tried to use the HSM to decrypt all of the data at once would likely go over the rate limit, triggering an alert.

Has anyone written about general-purpose design patterns like this? Ones that could apply to many different types of HSMs from different companies, as long as the features required by that pattern were supported by the specific HSM vendor? Or are HSMs too niche a topic to get this kind of treatment?

bnsmith
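The two patterns sketched in the question (a time lock on a weekly job's key and an hourly rate limit on decryptions), as an added example that is not part of the original post and is not any vendor's HSM feature: a small policy gate that a key-management service could place in front of HSM operations, simulated in Python against constructed timestamps. The key names, the policy fields, the sliding one-hour counter and the alert format are all assumptions made for the example; whether a given HSM can enforce such rules natively, or only via a wrapping service, is exactly the per-vendor question the post raises.

```python
"""Simulated policy gate for two HSM usage patterns: time locking and
hourly rate limiting. Added example; not a real HSM or vendor API."""
from collections import deque
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Deque, Dict, List, Optional, Tuple


@dataclass
class KeyPolicy:
    # Hypothetical policy fields (assumed for this example). Times are UTC.
    allowed_weekday: Optional[int] = None     # 0=Monday .. 6=Sunday; None = any day
    window_start_hour: Optional[int] = None   # inclusive, 24h clock
    window_end_hour: Optional[int] = None     # exclusive; must be > start (no midnight wrap)
    max_ops_per_hour: Optional[int] = None    # None = unlimited


@dataclass
class PolicyGate:
    """Decides whether a requested HSM operation on a key may proceed."""
    policies: Dict[str, KeyPolicy]
    alerts: List[str] = field(default_factory=list)
    _history: Dict[str, Deque[datetime]] = field(default_factory=dict)

    def _in_window(self, policy: KeyPolicy, now: datetime) -> bool:
        # Time lock: the key is usable only on the scheduled day and hours.
        if policy.allowed_weekday is not None and now.weekday() != policy.allowed_weekday:
            return False
        if policy.window_start_hour is not None:
            if not (policy.window_start_hour <= now.hour < policy.window_end_hour):
                return False
        return True

    def _over_rate(self, key_id: str, policy: KeyPolicy, now: datetime) -> bool:
        # Sliding window: count operations actually performed in the last hour.
        if policy.max_ops_per_hour is None:
            return False
        hist = self._history.setdefault(key_id, deque())
        cutoff = now - timedelta(hours=1)
        while hist and hist[0] <= cutoff:
            hist.popleft()
        return len(hist) >= policy.max_ops_per_hour

    def request(self, key_id: str, op: str, now: datetime) -> Tuple[bool, str]:
        """Return (allowed, reason); every refusal also records an alert."""
        policy = self.policies.get(key_id)
        if policy is None:
            self.alerts.append(f"{now.isoformat()} {key_id}: no policy, {op} refused")
            return False, "no policy"
        if not self._in_window(policy, now):
            self.alerts.append(f"{now.isoformat()} {key_id}: {op} outside allowed window")
            return False, "outside time window"
        if self._over_rate(key_id, policy, now):
            self.alerts.append(f"{now.isoformat()} {key_id}: {op} exceeds hourly rate limit")
            return False, "rate limit exceeded"
        self._history.setdefault(key_id, deque()).append(now)
        return True, "allowed"


def run_scenario() -> Tuple[List[bool], List[str]]:
    """Constructed timeline: a weekly signing job and a burst of decrypts."""
    gate = PolicyGate(policies={
        # Job runs Sundays between 02:00 and 04:00 UTC.
        "weekly-report-key": KeyPolicy(allowed_weekday=6, window_start_hour=2, window_end_hour=4),
        # Bulk data key: at most three decryptions per hour.
        "customer-data-key": KeyPolicy(max_ops_per_hour=3),
    })
    results: List[bool] = []
    sunday_0230 = datetime(2024, 6, 9, 2, 30)      # 2024-06-09 is a Sunday
    results.append(gate.request("weekly-report-key", "sign", sunday_0230)[0])                  # in window
    results.append(gate.request("weekly-report-key", "sign", sunday_0230 + timedelta(hours=5))[0])  # 07:30, refused
    results.append(gate.request("weekly-report-key", "sign", datetime(2024, 6, 10, 2, 30))[0])  # Monday, refused
    # An intruder tries five decryptions within a minute; only three get through.
    t = datetime(2024, 6, 11, 14, 0)
    for i in range(5):
        results.append(gate.request("customer-data-key", "decrypt", t + timedelta(seconds=10 * i))[0])
    # Just over an hour later the oldest entry has aged out, so one more is allowed.
    results.append(gate.request("customer-data-key", "decrypt", t + timedelta(hours=1, seconds=1))[0])
    return results, gate.alerts


if __name__ == "__main__":
    decisions, alerts = run_scenario()
    print(decisions)
    print("\n".join(alerts))
```

The gate only counts operations the HSM actually performed, so a refused request never consumes budget; refused requests instead surface as alerts, which is the detection signal both patterns rely on. A production version would feed the alerts to a SIEM and key the policy on the HSM's own authenticated identity of the caller rather than a bare key name.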

0 Answers