Secure Auditing With a hardware security module (HSM)
- 26 Nov 2024
- 1 Minute à lire
- SombreLumière
- PDF
Secure Auditing With a hardware security module (HSM)
- Mis à jour le 26 Nov 2024
- 1 Minute à lire
- SombreLumière
- PDF
The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article
Avez-vous trouvé ce résumé utile ?
Merci pour vos commentaires
To enable secure auditing for a hardware security module (HSM), a master audit key pair must be created on the HSM. This must be done before you configure OneSpan Authentication Server to use secure auditing.
The public key from the master audit key pair must be exported from the HSM to allow its use in verification.
OneSpan Authentication Server will request a signature from the HSM for each epoch and use this as the epoch ID. An epoch key pair will be generated, consisting of an epoch public key and an epoch private key. Each secure audit entry will contain the epoch public key, the epoch ID, and an cryptographic signature that relates it to the previous and subsequent entries.
To verify each secure audit entry, the Secure Auditing Verification Tool uses the following:
- The epoch public key
- The epoch ID (supplied on each secure audit line)
- The master audit public key which has been exported to a PEM file.
The entire file will be verified with a Yes (verification successful) or No (verification unsuccessful) result provided after verification.
Cet article vous a-t-il été utile ?