User Role - HP FIPS 140-2 Supplementary Manual

Security Policy, version 1.0
HP StorageWorks Secure Key Manager

| Service | Description | Keys/CSPs |
|---|---|---|
| Perform first-time initialization | Configure the module when it is used for the first time | Crypto Officer (admin) password – write; Kdsa public/private – write; Krsa private – write; Krsa private – write; Log signing RSA key – write; Log signature verification RSA key – write; KRsaPub – write; KRsaPriv – write. |
| Upgrade firmware | Upgrade firmware (firmware must be FIPS-validated) | Firmware upgrade key – read |
| Configure FIPS mode | Enable/disable FIPS mode | None |
| Manage keys | Manage all client keys that are stored within the module. This includes the generation, storage, export (only public keys), import, and zeroization of keys. | Client keys – write, read, delete; PKEK – write, read, delete. |
| Manage clusters | Manage all clusters that are defined within the module. This includes the creation, joining, and removal of a cluster from the module. | Cluster Member passwords – write, delete |
| Manage services | Manage all services supported by the module. This includes the starting and stopping of all services. | None |
| Manage operators | Create, modify, or delete module operators (Crypto Officers and Users). | Crypto Officer passwords – write, delete; User passwords – write, delete |
| Manage certificates | Create/import/revoke certificates | KRsaPub – write, read, delete; KRsaPriv – write, read, delete; CARsaPub – write, read, delete; CARsaPriv – write, read, delete; Client RSA public keys – read. |
| Reset factory settings | Roll back to the default firmware shipped with the module | All keys/CSPs – delete |
| Restore default configuration | Delete the current configuration file and restore the default configuration settings | None |
| Restore configuration file | Restore a previously backed up configuration file | None |
| Backup configuration file | Back up a configuration file | None |
| Zeroize all keys/CSPs | Zeroize all keys and CSPs in the module | All keys and CSPs – delete |

2.4.2 User Role

The User role is associated with external applications or clients that connect to the KMS via its XML interface. Users in this role may exercise services—such as key generation and management—based on configured or predefined permissions. See Table 7 – User Services for details. The keys and CSPs in the rightmost column correspond to the keys and CSPs introduced in Section 2.7.1.

© 2008 Hewlett-Packard Company
This document may be freely reproduced in its original entirety.
January 31, 2008
Page 12 of 26