CCA Release 2.54
CCA Access-Control
This section describes these CCA access-control system topics:
Understanding access control
Role-based access control
Initializing and managing the access-control system
Logging on and logging off
Protecting your transaction information.
Understanding Access Control
Access control is the process that determines which CCA services or “commands”[1]
of the IBM 4758 PCI Cryptographic Coprocessor are available to a user at any
given time. The system administrator can give users differing authority, so that
some users have the ability to use CCA services that are not available to others.
In addition, a given user's authority may be limited by parameters such as the time
of day or the day of the week.
Also see the discussion of Access Controls in Chapter 6 of the IBM 4758 PCI
Cryptographic Coprocessor CCA Support Program Installation Manual.
Role-Based Access Control
The IBM 4758 CCA implementation uses role-based access control. In a
role-based system, the administrator defines a set of roles, which correspond to the
classes of Coprocessor users. Each user is enrolled by defining a user profile,
which maps the user to one of the available roles. Profiles are described in
“Understanding Profiles” on page 2-4.
Note: For purposes of this discussion, a user is defined as either a human user or
an automated, computerized process.
As an example, a simple system might have the following three roles:
General User: A user class which includes all Coprocessor users who do not have
any special privileges
Key-Management Officer: Those people who have the authority to change
cryptographic keys for the Coprocessor
Access-Control Administrator: Those people who have the authority to enroll new
users into the Coprocessor environment, and to modify the access rights of
those users who are already enrolled.
Normally, only a few users would be associated with the Key-Management Officer
role, but there generally would be a large population of users associated with the
General User role. The Access-Control Administrator role would likely be limited to
a single “super user,” since that user can make any change to the access-control settings.
In some cases, once the system is set up, it is desirable to delete all profiles linked
to Access-Control Administrator roles to prevent further changes to the access
controls.
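The following Python sketch is an added illustration, not IBM code and not the CCA API. It models the three example roles, profiles, and time-of-day and day-of-week limits described above, and shows why deleting every profile linked to the Access-Control Administrator role freezes the settings. The command names, user IDs, and the choice to deny users who have no profile are assumptions of the sketch.

```python
from dataclasses import dataclass

ALL_DAYS = frozenset(range(7))  # Monday = 0 ... Sunday = 6

@dataclass(frozen=True)
class Role:
    commands: frozenset          # command names this role may run (hypothetical)
    hours: range = range(24)     # permitted hours of the day
    days: frozenset = ALL_DAYS   # permitted days of the week

class AccessControl:
    def __init__(self, roles, profiles):
        self.roles = dict(roles)        # role name -> Role
        self.profiles = dict(profiles)  # user ID -> role name (the "profile")

    def is_permitted(self, user, command, when):
        """Decide for `user` at `when` (a datetime.datetime)."""
        role = self.roles.get(self.profiles.get(user))
        if role is None:                # no profile: denied in this sketch
            return False
        return (command in role.commands
                and when.hour in role.hours
                and when.weekday() in role.days)

    def _require_admin(self, actor, when):
        # Changing access control is itself a command that a role must permit.
        if not self.is_permitted(actor, "CHANGE_ACCESS_CONTROL", when):
            raise PermissionError(f"{actor} may not change access controls")

    def enroll(self, actor, user, role_name, when):
        self._require_admin(actor, when)
        if role_name not in self.roles:
            raise KeyError(role_name)
        self.profiles[user] = role_name

    def delete_profiles(self, actor, role_name, when):
        """Remove every profile linked to role_name (the lock-down step)."""
        self._require_admin(actor, when)
        self.profiles = {u: r for u, r in self.profiles.items() if r != role_name}

def build_example():
    # Constructed sample data: General User limited to 08:00-17:59, Monday-Friday.
    roles = {
        "General User": Role(frozenset({"ENCIPHER"}), range(8, 18), frozenset(range(5))),
        "Key-Management Officer": Role(frozenset({"ENCIPHER", "CHANGE_KEY"})),
        "Access-Control Administrator": Role(frozenset({"CHANGE_ACCESS_CONTROL"})),
    }
    profiles = {"alice": "General User", "kmo1": "Key-Management Officer",
                "admin": "Access-Control Administrator"}
    return AccessControl(roles, profiles)
```

After `delete_profiles(..., "Access-Control Administrator", ...)` no remaining profile maps to a role that permits the change command, so every later `enroll` or `delete_profiles` call fails while existing users keep their current rights.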
[1] At the end of each CCA verb description you will find a list of commands that must be enabled to use specific capabilities of the
CCA verb.
2-2 IBM 4758 CCA Basic Services, Release 2.54, February 2005