Preload Utility - Entrust nShield Security Manual

assumed to be trusted, and will not perform malicious actions which would be
detrimental to the security of the HSM, or the security concerns of the HSM's operator.
Any client application using the cryptographic services of the HSM should securely
gather identification and authentication data from its users and securely transfer it to the
HSM when authorizing the use of HSM assets and services.
Any client application using the cryptographic functions of the HSM should ensure that
the correct data are supplied in a secure manner (including any relevant requirements for
authenticity, integrity and confidentiality).
Any client application using the cryptographic functions of the HSM should protect the
security concerns of its users, and comply with the user's security policies concerning
key and sensitive data management.
The client should ensure that the host platform running their application contains an
available random number generator of sufficient quality to allow the generation of keys
that contain enough entropy as to be unpredictable.
The client should ensure that all cryptographic keys generated or cryptographic
algorithm used on the host platform conform to specifications that are endorsed by
recognized security authorities.
The strength of client keys used to build a secure channel to the HSM must meet the
strength specified in

6.8. Preload utility

preload
The utility preloads keys, for example, when using a PKCS #11 application. For a
description, see the Preload Utility Appendix of the User Guide for your HSM.
The following security guidance should be followed when using the preload utility:
preload
The use of is not recommended if any of the following apply on the client/host
platform:
• Standard user or group file permissions, that is, file discretionary access control, can
be circumvented. For example, on Linux, via users being permitted to execute
commands.
• The threat exists that a malicious user (attacker) can gain unauthorized access to the
user's account on the client platform. For example, if the remote login authentication
credentials are weak for the host platform.
• Malicious insider threat: A privileged user of the client platform is untrusted, and
could bypass security controls that may lead to compromising the security of other
users on that client platform.
nShield® Security Manual
NIST SP800-131A Revision 1.
sudo
45 of 90