Entrust nShield Security Manual page 88
Hide thumbs
Also See for nShield:
- Installation manual (73 pages) ,
- Hardware and setup manual (26 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Null module key: K
MWK
The null module key is used to create Logical Tokens that can be loaded onto any
Module (e.g. used when initializing a Security World). The null module key is a
symmetric key with a well-known hash and value. As its value is well known, the null
module key cannot be used to protect the integrity or confidentiality of any data. It is
not possible to create key blobs protected by the null module key. It is possible to
create a Logical Token protected by the null module key, but any key (protected by
this Logical Token) must have the ACL entry
Operator Card Set (OCS)
Part of the Security World architecture, an Operator Card Set (OCS) is a set of smart
cards containing shares of the logical tokens that is used to control access to
application keys within a Security World. OCSs are protected using the Security
World key, and therefore they cannot be used outside the Security World.
See also
Security
World,
Recovery key: K
RA
The recovery key is the public key of the key recovery agent.
Remote access solution
The remote access solution, such as SSH or a remote desktop application, which is
used as standard by your organization. Enables you to carry out Security World
administrative tasks from a different location to that of an nShield Connect or nShield
Solo.
For example, the remote access solution is used to run Security World utilities
remotely and to enter passphrases.
Entrust does not provide this software.
Remote Administration
An optional Security World feature that enables Remote Administration card holders
to present their cards to an HSM located elsewhere. For example, the card holder may
be in an office, while the HSM is in a data center. Remote Administration supports the
ACS, as well as persistent and non-persistent OCS cards, and allows all smart card
operations to be carried out, apart from loading feature certificates.
nShield Remote Administration Client
A GUI or command-line interface that enables you to select an HSM located
elsewhere from a list provided by the Remote Administration Service, and associate a
card reader attached to your computer with the HSM. Resides on your local Windows
nShield® Security Manual
Administrator Card Set (ACS)
AllowNullKMToken
set.
88 of 90
Advertisement
Table of Contents
Need help?
Do you have a question about the nShield and is the answer not in the manual?