MozillaWiki

Security Policy: Difference between revisions

Page Discussion

Security Policy (view source)

Revision as of 20:52, 23 March 2007

1,526 bytes removed ,  23 March 2007
m
→‎Multiple Concurrent Operator Roles and Services
Line 24: Line 24:
After each failed authentication attempt in FIPS mode, the NSS cryptographic module inserts a one-second delay before returning to the caller, allowing at most 60 authentication attempts during a one-minute period. Therefore, the probability of a successful random guess of the password during a one-minute period is < 60 * 1/10,000,000 = 0.6 * (1/100,000).
After each failed authentication attempt in FIPS mode, the NSS cryptographic module inserts a one-second delay before returning to the caller, allowing at most 60 authentication attempts during a one-minute period. Therefore, the probability of a successful random guess of the password during a one-minute period is < 60 * 1/10,000,000 = 0.6 * (1/100,000).


===Multiple Concurrent Operator Roles and Services===


The NSS cryptographic module doesn't allow concurrent '''operators'''.
* For Security Level 1, the operating system has been restricted to a single operator mode of operation, so concurrent operators are explicitly excluded (FIPS 140-2 Sec. 4.6.1).
* On a multi-user operating system, this is enforced by making the NSS certificate and private key databases readable and writable by only the owner of the files.
FIPS 140-2 Implementation Guidance 6.1 clarifies the use of a cryptographic module on a server.
<div class=quote>
When a crypto module is implemented in a server environment, the server application is the user of the cryptographic module. The server application makes the calls to the cryptographic module. Therefore, the server application is the single user of the cryptographic module, even when the server application is serving multiple clients.
</div>
<div class=note>
'''Note''': The NSS cryptographic module does allow concurrent '''processes''' with the same user identity to access the module, with the restriction that all the concurrent processes must open the NSS databases in read-only mode. Each process accessing the module needs to assume a role separately.
The NSS cryptographic module also allows a process to open multiple concurrent '''sessions''' (connections) with the module. When a session within a process assumes a role, all the concurrent sessions within the process assume that role (PKCS #11 v2.20, Sec. 11.4, C_Login).
</div>


==Access Control Policy==
==Access Control Policy==
Glen
219

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/52831"