Deployment Options
Three deployment options exist: IBM Digital Asset Haven SaaS (IBM manages all keys), IBM Digital Asset Haven with HSM Signer (shared responsibility), and integrated with Hyper Protect Offline Signing Orchestrator. Each model offers different levels of control and security.
- IBM Digital Asset Haven SaaS
- IBM securely manages all the key shares within our robust, geographically distributed cloud infrastructure
For more information on setting up IBM Digital Asset Haven SaaS, see Setting up trial.
- IBM Digital Asset Haven with HSM Signer
- A hybrid approach where IBM manages part of the key shares in the cloud, and your organization retains control of the remaining shares in an HSM signer. This ensures you participate in every signing request, providing direct control over transaction approvals.
For more information on setting up IBM Digital Asset Haven with integrated with HPVS, see Configuring IBM Digital Asset Haven with HSM Signer.
Figure 1. IBM Digital Asset Haven with HSM Signer 
- IBM Digital Asset Haven integrated with IBM Hyper Protect Offline Signing Orchestrator
- Combines IBM Digital Asset Haven with Hyper Protect Offline Signing Orchestrator for maximum isolation and security. This model is ideal for organizations with stringent compliance requirements.
For more information on setting up IBM Digital Asset Haven integrated with IBM Hyper Protect Offline Signing Orchestrator, see Configuring IBM Digital Asset Haven integrated with IBM Hyper Protect Offline Signing Orchestrator
Figure 2. IBM Digital Asset Haven integrated with IBM Hyper Protect Offline Signing Orchestrator 