IT Baseline Protection Manual S 4.86 Secure separation of roles and configuration with crypto modules

Initiation responsibility: IT Security Management

Implementation responsibility: IT Security Management

Many cryptographic security components can distinguish between several user roles and the actions that the authorised personnel in each role may execute. Depending on protection requirements, access control and authentication mechanisms may be needed to verify that a user is in fact authorised to execute the requested service. The roles can sensibly be subdivided as follows:

Plus at least one of the following:

If the crypto components offer the option of separating the user role from the administrator role, this should be done. The administration should also specify basic settings, such as the password length or key length, so that users cannot select insecure settings out of convenience or lack of knowledge.

Just as the roles are distinguished, the actions or services provided by the security component must also be distinguished. A crypto module should provide at least the following services:

Staff must be authenticated to the security component. A wide range of techniques can be used for this: passwords, PINs, cryptographic keys, biometric features etc. The crypto component should be configured so that the authentication information has to be re-entered at every role change and after a specified period of inactivity. It is also advisable to restrict the number of authentication attempts (for example by setting the maximum operating error counter to 3).
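One way to enforce the configuration described above (re-authentication at every role change and after inactivity, plus an error counter of 3), as an added example that is not part of the manual. The `RoleSession` class, the 300-second timeout and the PBKDF2 credential store are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

MAX_ERRORS = 3        # "maximum operating error counter" value given in the text
IDLE_TIMEOUT = 300.0  # seconds; assumed, the text only says "a specified period"

class Locked(Exception):
    """Raised once a role's error counter has reached MAX_ERRORS."""

def enroll(secret):
    """Return (salt, derived key) so the secret itself is never stored."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

class RoleSession:
    """Hypothetical guard that sits in front of a crypto module's services."""

    def __init__(self, credentials, clock=time.monotonic):
        self._creds = credentials                     # role -> (salt, derived key)
        self._errors = dict.fromkeys(credentials, 0)  # per-role error counter
        self._clock = clock
        self.role = None                              # no role active until authenticated
        self._last_used = 0.0

    def authenticate(self, role, secret):
        self.role = None                   # a role change always drops the old role
        if role not in self._creds:
            return False
        if self._errors[role] >= MAX_ERRORS:
            raise Locked(role)             # stays locked; unlocking is out of scope here
        salt, expected = self._creds[role]
        derived = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)
        if not hmac.compare_digest(derived, expected):
            self._errors[role] += 1
            return False
        self._errors[role] = 0             # success resets the counter
        self.role, self._last_used = role, self._clock()
        return True

    def authorize(self, required_role):
        """Call before every service; True only for a fresh session in that role."""
        now = self._clock()
        if self.role is not None and now - self._last_used > IDLE_TIMEOUT:
            self.role = None               # idle too long: credentials must be re-entered
        if self.role != required_role:
            return False
        self._last_used = now
        return True
```

The error counter is kept per role, so a locked administrator role does not block ordinary users, and a failed attempt to switch roles leaves the session with no role at all.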


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
July 1999