DINAMO: past, present, and future

November 02, 2012

For the last years (more time than I could anticipate), I’ve been really busy as the lead engineer behind a very cool project called DINAMO. It’s an HSM appliance, certified under ITI/ICP-Brasil (people outside Brazil usually don’t know that this standard is a FIPS 140-2 superset, and ignore how PKI is in such an advanced state of affairs here).

When the original project vision was stated, we could barely dream about how important that technology would become. And how ubiquitous and diversified it is right now, after almost a decade of existence.

It’s been a long time since some pictures of the original DINAMO team were taken (at that time, it was not even called DINAMO!). I thought the material was lost, and it came as a great surprise when I found them in an old backup:

[Image: Original DINAMO HSM Team, circa 2004 - BSB/Brazil]

Back then, everything was so primitive, as can be seen from the computers used to bootstrap our firmware/libs. That’s the “beauty” of hard working conditions - when overall resources are scarce, we gotta leverage a great deal of persistence and creative work. And I believe we accomplished very much. With so little! (in every sense)

Here we have my manager Enilton Nascimento, and my good friend Rafael Lucyk (I’m on the right). It’s been great working closely with these smart guys, who are always very supportive. I would also like to thank them for authorizing the post.

A major project milestone will be achieved in the foreseeable future. We’re about to ship a new appliance release, with a powerful and transparent replication layer. Under an NDA, I can’t talk further about it right now, but I can anticipate that it’s going to redefine the way network-attached HSM pools operate. Meanwhile, I leave you with a lab picture of a small DINAMO pool (XP models), under stress/replication tests:

[Image: small Dinamo XP pool]

The cables are ugly. The image is awful. The monitor is old. But the pool… it works in a decentralized/automatic manner. Without resorting to master-slave shenanigans! (UPDATE, Sep/2013: more details about Replication Layer.)