Configuring the Network and Security Settings for an STC Link
STC provides several configurable options that define the network settings for an STC link and the security settings for the messages transmitted over the link. The default values are chosen to balance security and performance, but you can override them if desired.
The configurable options are set at the partition level and apply to all STC links to a specific partition. This allows you to configure different settings for individual partitions. You must have SO privileges to the partition to configure its STC options.
For the STC admin channel, the configurable options apply to all communications between the HSM and the local services and applications on the appliance, such as LunaSH and NTLS.
You can configure the following options for partition/client STC links.
Use LunaCM to configure the STC options for partitions that have a partition SO. Use LunaSH to configure the STC options for partitions owned by the HSM SO, and to configure the link between LunaSH and the HSM.
Activation timeout
The activation timeout is the maximum time allowed to establish the STC link before the channel request is dropped. You can configure this option to specify the activation timeout for all STC links to a partition.
See stcconfig activationtimeoutset in the LunaCM Command Reference Guide.
See the following commands in the LunaSH Command Reference Guide:
• stc activationtimeout set for client-partition links.
• hsm stc activationtimeout set for the LunaSA admin channel link.
Cipher
By default, all messages traversing an STC link are encrypted. You can configure this option to specify the level of encryption used (AES 128, AES 192, or AES 256) on all STC links to a partition, or to disable encryption on all STC links to a partition.
See stcconfig cipherdisable in the LunaCM Command Reference Guide.
See the following commands in the LunaSH Command Reference Guide:
• stc cipher enable for client-partition links.
• hsm stc cipher enable for the LunaSA admin channel link.
HMAC
By default, the integrity of all messages traversing an STC link is verified using an HMAC message digest algorithm. You can configure this option to specify the algorithm used (HMAC with SHA 256, or HMAC with SHA 512).
See stcconfig hmacdisable in the LunaCM Command Reference Guide.
See the following commands in the LunaSH Command Reference Guide:
• stc hmac enable for client-partition links.
• hsm stc hmac enable for the LunaSA admin channel link.
Rekey threshold
The session keys and encryption keys created when an STC tunnel is established are automatically regenerated after the number of messages specified by the rekey threshold have traversed the link. You can configure this option to specify the key life for the session and encryption keys used on all STC links to a partition.
See stcconfig rekeythresholdset in the LunaCM Command Reference Guide.
See the following commands in the LunaSH Command Reference Guide:
• stc rekeythreshold set for client-partition links.
• hsm stc rekeythreshold set for the LunaSA admin channel link.
Replay window
All packets sent over the STC link are sequenced and tracked. This allows the receiver to reject old or duplicate packets, preventing an attacker from inserting or replaying packets on the link. The receiver remembers which packets it has received within a specified window, and rejects any packet that has already been received or that is older than the oldest packet in the window. You can configure this option to specify the number of packets in the window of sequenced packets that are tracked to provide anti-replay protection on all STC links to a partition.
See stcconfig replaywindowset in the LunaCM Command Reference Guide.
See the following commands in the LunaSH Command Reference Guide:
• stc replaywindow set for client-partition links.
• hsm stc replaywindow set for the LunaSA admin channel link.
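The following added example illustrates the two mechanisms described above for the rekey threshold and the replay window: a sliding window of sequence numbers that rejects duplicate and stale packets, and a message counter that derives fresh session keys once the threshold is reached. It is an illustrative model written for this page, not Luna code and not the STC wire protocol; the class names, the key-derivation label and the sample payloads are constructed for the example, encryption is omitted, and only the HMAC choice (SHA 256 or SHA 512) follows the options the page lists.

```python
import hashlib
import hmac


class ReplayWindow:
    """Sliding anti-replay window over packet sequence numbers (illustrative model)."""

    def __init__(self, size: int):
        self.size = size
        self.highest = 0   # highest sequence number accepted so far
        self.bitmap = 0    # bit i set <=> sequence number (highest - i) already received

    def check_and_update(self, seq: int) -> bool:
        if seq < 1:                       # sequence numbers start at 1 in this model
            return False
        if seq > self.highest:
            # New high-water mark: slide the window forward and mark seq as seen
            shift = seq - self.highest
            if shift >= self.size:
                self.bitmap = 1
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.highest = seq
            return True
        offset = self.highest - seq
        if offset >= self.size:
            return False                  # older than the oldest tracked packet
        if self.bitmap & (1 << offset):
            return False                  # duplicate of a packet already received
        self.bitmap |= 1 << offset        # late but inside the window: accept once
        return True


class StcEndpoint:
    """One side of a link: tags outgoing messages, verifies incoming ones, rekeys on a threshold."""

    def __init__(self, shared_secret: bytes, hmac_alg: str = "sha256",
                 rekey_threshold: int = 1000, replay_window: int = 64):
        if hmac_alg not in ("sha256", "sha512"):
            raise ValueError("only HMAC-SHA256 and HMAC-SHA512 are modelled here")
        self.shared_secret = shared_secret
        self.hmac_alg = hmac_alg
        self.rekey_threshold = rekey_threshold
        self.epoch = 0                    # incremented on every rekey
        self.messages_this_epoch = 0
        self.key = self._derive_key(0)
        self.next_seq = 1
        self.window = ReplayWindow(replay_window)

    def _derive_key(self, epoch: int) -> bytes:
        # Constructed derivation: a fresh session key per epoch from the shared secret
        label = b"stc-example-session-key" + epoch.to_bytes(4, "big")
        return hmac.new(self.shared_secret, label, hashlib.sha256).digest()

    def _tag(self, seq: int, payload: bytes) -> bytes:
        # The sequence number is covered by the HMAC so it cannot be altered in transit
        return hmac.new(self.key, seq.to_bytes(8, "big") + payload, self.hmac_alg).digest()

    def _count_and_maybe_rekey(self) -> None:
        self.messages_this_epoch += 1
        if self.messages_this_epoch >= self.rekey_threshold:
            self.epoch += 1
            self.key = self._derive_key(self.epoch)
            self.messages_this_epoch = 0

    def send(self, payload: bytes):
        seq = self.next_seq
        self.next_seq += 1
        tag = self._tag(seq, payload)
        self._count_and_maybe_rekey()
        return seq, payload, tag

    def receive(self, seq: int, payload: bytes, tag: bytes) -> str:
        # Integrity first: a forged sequence number must never touch the replay window
        if not hmac.compare_digest(self._tag(seq, payload), tag):
            return "rejected: bad hmac"
        if not self.window.check_and_update(seq):
            return "rejected: replay"
        self._count_and_maybe_rekey()
        return "accepted"


def demo():
    """Constructed exchange: replay, reordering inside the window, rekey, and tampering."""
    secret = b"constructed shared secret for this example only"
    client = StcEndpoint(secret, "sha256", rekey_threshold=3, replay_window=4)
    hsm = StcEndpoint(secret, "sha256", rekey_threshold=3, replay_window=4)
    results = []
    m1 = client.send(b"request-1")
    results.append(hsm.receive(*m1))                  # accepted
    results.append(hsm.receive(*m1))                  # rejected: replay (duplicate)
    m2 = client.send(b"request-2")
    m3 = client.send(b"request-3")                    # third message: client rekeys
    results.append(hsm.receive(*m3))                  # accepted (arrives first)
    results.append(hsm.receive(*m2))                  # accepted (late, inside window); hsm rekeys
    results.append(client.epoch == 1 and hsm.epoch == 1)
    seq, payload, tag = client.send(b"request-4")     # tagged with the epoch-1 key
    results.append(hsm.receive(seq, payload + b"!", tag))  # rejected: bad hmac (tampered)
    results.append(hsm.receive(seq, payload, tag))    # accepted
    return results
```

The order of checks in receive matters: the HMAC is verified before the sequence number is consulted, so an attacker who cannot forge tags cannot advance or poison the window. The model rekeys both sides in lockstep on the accepted-message count and keeps no previous-epoch key, so a message delayed across a rekey boundary is dropped as a bad HMAC rather than retried; a real link would typically retain the old key for a short grace period.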