'''N/A'''. The NSS cryptographic module does not support manual entry of cryptographic keys and CSPs.
==Auditable Events==
<div class=note>Many auditable events required by FIPS 140-2 are related to the crypto officer role. In the NSS cryptographic module, the crypto officer role is only used to perform these functions:
* install the module,
* initialize or re-initialize the module, and
* initialize the NSS User's password.
Moreover, the operator assumes the crypto officer role implicitly when he performs a crypto officer function. No explicit request or authentication (beyond logging into the OS user account) is required.</div>
The following events are auditable by the NSS cryptographic module.
* attempts to provide invalid input for crypto officer functions
** We log the use of all crypto officer functions (see below) with the return code. The return code tells us whether the operator attempted to provide invalid input.
* the addition or deletion of an operator to/from a crypto officer role
** N/A. Any authorized operator can assume the crypto officer role.
* operations to process audit data stored in the audit trail
** These operations are recorded by the audit mechanism of the OS.
* requests to use authentication data management mechanisms
** FC_InitPIN calls (which initialize the NSS User's password)
** FC_SetPIN calls (which change the NSS User's password)
* use of a security-relevant crypto officer function
** FC_InitToken calls (which re-initialize the module)
** FC_InitPIN calls (which initialize the NSS User's password)
* requests to access authentication data associated with the cryptographic module
** N/A. The module doesn't give the operator access to the authentication data.
* use of an authentication mechanism (e.g., login) associated with the cryptographic module
** FC_Login calls
** FC_Logout calls
* explicit requests to assume a crypto officer role
** N/A. The crypto officer role is assumed implicitly when the operator performs crypto officer functions.
* the allocation of a function to a crypto officer role
** N/A. The functions allocated to the crypto officer role are fixed.
* other auditable events
** Power-up self-test failure
** Pair-wise consistency test failure
** Continuous random number generator test failure
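
An added example (not NSS code and not part of the original page): a Python sketch that reviews audit records for the FC_ calls listed above and flags crypto officer calls whose return code shows rejected input, plus failed logins. The <code>function(args)=0xRV</code> record layout and the sample lines are constructed assumptions; the CKR_ values are standard PKCS #11 return codes.

```python
import re

# Standard PKCS #11 return codes (CK_RV) that mean the caller's input was rejected.
INVALID_INPUT = {
    0x03: "CKR_SLOT_ID_INVALID",
    0x07: "CKR_ARGUMENTS_BAD",
    0xA1: "CKR_PIN_INVALID",
    0xA2: "CKR_PIN_LEN_RANGE",
}
CKR_PIN_INCORRECT = 0xA0

# Function -> auditable-event categories, taken from the list on this page.
CATEGORIES = {
    "FC_InitToken": ["crypto officer function"],
    "FC_InitPIN": ["crypto officer function", "authentication data management"],
    "FC_SetPIN": ["authentication data management"],
    "FC_Login": ["authentication mechanism"],
    "FC_Logout": ["authentication mechanism"],
}

# Assumed record layout (not the module's documented format): name(args)=0xRV
RECORD = re.compile(r"\b(FC_\w+)\((.*)\)=0x([0-9A-Fa-f]+)\s*$")

def classify(line):
    """Return the audit categories and findings for one record, or None."""
    m = RECORD.search(line)
    if not m or m.group(1) not in CATEGORIES:
        return None  # not one of the audited calls
    func, rv = m.group(1), int(m.group(3), 16)
    findings = []
    if "crypto officer function" in CATEGORIES[func] and rv in INVALID_INPUT:
        findings.append("invalid input to crypto officer function: " + INVALID_INPUT[rv])
    if func == "FC_Login" and rv == CKR_PIN_INCORRECT:
        findings.append("failed login")
    return {"function": func, "rv": rv,
            "categories": CATEGORIES[func], "findings": findings}

def review(lines):
    """Collect (function, finding) pairs worth an analyst's attention."""
    records = filter(None, map(classify, lines))
    return [(r["function"], f) for r in records for f in r["findings"]]

# Constructed sample records; PIN values are never part of a record.
SAMPLE = [
    "FC_InitToken(slotID=0x3, ulPinLen=0)=0x00000000",
    "FC_InitPIN(hSession=0x1, ulPinLen=3)=0x000000a2",
    "FC_Login(hSession=0x1, userType=1)=0x000000a0",
    "FC_Logout(hSession=0x1)=0x00000000",
    "FC_GetInfo()=0x00000000",
]
```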