Security Policy: Difference between revisions

Line 373: Line 373:
==Specification of Services==
==Specification of Services==


Since there is only one role, the user has access to '''ALL''' the services. Routines have been specified for each service and denoted whether or not they are '''public''', meaning that the user doesn't need to authenticate to the module to use the routine, or '''private''', meaning that the user needs to authenticate to the module to use the routine. This model allows a type of '''safety state''' by allowing a NSS user to log out (thus disallowing any access to private services) without ending the session, and then log back in to re-authenticate and access private services rendered by the cryptographic module. All public and private services are listed in the following table:
The Crypto officer role is entered implicitly by invoking any installation or initialization service. For all other services the User role is assumed.
 
Routines have been specified for each service and denoted whether or not they are '''public''', meaning that the user doesn't need to authenticate to the module to use the routine, or '''NSS User''', meaning that the user needs to login to the module to use the routine. The following table lists the defined services and correlates role, service type and access to cryptographically significant resources.


<table border="1">
<table border="1">
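Review bot: The rewritten paragraph uses "NSS User" as the service-type label opposite "public", right after the sentence that introduces a "User role", so the role name and the service type are easy to conflate. Consider saying explicitly that "NSS User" marks routines that require a login to the module, and how that label relates to the User role. The replaced paragraph also documented that a user can log out without ending the session and log back in to re-authenticate for private services. The new text drops this, so if that behaviour still applies it should be restated. Finally, the Crypto officer role is described as "entered implicitly by invoking any installation or initialization service", but the text does not say whether those services are public or need a login, which the table introduction should state.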