Table of Contents
Advertisement
Establish connection with OKM
Establish TLS Session
cluster
Establish connection with
Establish SSH session
remote workstation
Export AES Key Wrap
Export AKWK to the OKM
Key (AKWK)
cluster
Import the KWKPublicKey
Import
from the OKM cluster onto the
KWKPublicKey
module
Import one or more ME_Keys
Import ME_Key
onto the module from the OKM
cluster
2.4.4 Additional Operator Services
In addition to CO and User services, the module provides services to operators
that are not required to assume an authorized role. These services do not modify,
disclose, or substitute the keys and CSPs established in one of the Approved
modes. The overall security of the module is not affected by these services.
Table 5 lists the services available to operators not required to assume an
authorized role. These services are available in all Approved modes of operation.
This document may be freely reproduced and distributed whole and intact including this Copyright notice.
Permanent Encryption
Encryption Enabled
Permanent Encryption
Encryption Enabled
Encryption Disabled
Permanent Encryption
Encryption Enabled
Permanent Encryption
Encryption Enabled
Permanent Encryption
Encryption Enabled
© Copyright 2017 Oracle Corporation
DRBG 'Key' Value – WRX
DRBG 'V' Value – WRX
DRBG Seed – WRX
TLS_PM – WRX
TLS_MS – WRX
TLS_EMK – W
TLS_DMK – W
TLS_ECK – W
TLS_DCK – W
CA_Cert – X
TDPubKey – X
TDPrivKey – X
SSH_HOST_PRIV – X
SSH_HOST_PUB - X
SSH_SK - WRX
SSH_SA - WRX
Mixed Mode
SSH_KEX_PRI - WRX
DRBG 'Key' Value – WRX
DRBG 'V' Value – WRX
DRBG Seed – WRX
AKWK – W
KWKPublicKey – X
TLS_EMK – X
TLS_ECK – X
KWKPublicKey – W
TLS_DMK – X
TLS_DCK – X
ME_Key – W
TLS_DMK – X
TLS_DCK – X
AKWK – X
Page 24 of 51
Advertisement
Table of Contents
