Home > |
---|
Ordinarily, when a PED-authenticated HSM partition is created, a random challenge-secret is generated and displayed by the PED. That secret becomes the authentication secret for your applications accessing that HSM partition. This is a security feature and is useful for that reason in most situations. It enforces a high-security password at the outset. However, in some scenarios, the imposed hands-on activity of reading a 16-character string from the PED screen and recording it, by hand-writing or typing , might be inappropriate.
PED- authenticated SafeNet HSMs 5.4.x and later allow you to specify a default partition password at "partition create" time.
This feature is useful in three situations:
•It allows you to deploy many partitions automatically.
•It allows fully automated testing for PED-authenticated SafeNet HSMs.
•It allows the use of Crypto Command Center (CCC) to create a High Availability group, which requires all member partitions to share the same password.
The automated testing is important to us, for repeatability and reliability of our testing at various stages of development, validation, and production quality control, but many customers might also wish to perform their own automated testing after receiving purchased SafeNet HSMs, before deploying in their own networks, or after pre-configuring HSMs and partitions for shipment/deployment to their own third-party customers.