User Access Control

The security of an HSM and its cryptographic contents depends on well-controlled access to that HSM. A controlled access policy is defined by:

- the set of users with valid login credentials for the host system, the HSM and the application partition
- the actions each user is allowed to perform when logged in (the user's role)

For example, an access policy that adheres to the PKCS#11 standard requires two roles: the security officer (SO), who administers the user account(s), and the standard user, who performs cryptographic operations. When a user logs in to the HSM, they can perform only those functions that are permitted for their role.

Access to the SafeNet Luna PCIe HSM is controlled through an enhanced version of the PKCS#11 hierarchy of roles, assigned to different users in your organization. Each role allows its user to execute a different set of commands to perform specialized tasks at one of the following two levels:

HSM-Level Roles

HSM roles are responsible for administration, configuration, and auditing of the HSM. These roles log in to the SafeNet Luna PCIe HSM Admin partition using LunaCM. HSM-level roles cannot perform cryptographic operations on the application partition.

Table 1: HSM Roles

| Role | PED Key | Responsibilities |
| --- | --- | --- |
| HSM Security Officer (SO) | Blue | Initializes the HSM, creating the SO credential; creates/deletes the application partition; configures global HSM policies; performs updates of the HSM firmware |
| Auditor (AU) | White | Manages HSM audit logging |

Partition-Level Roles

Partition-level roles are responsible for administering and configuring the application partition, and for using the partition to perform cryptographic functions. Partition roles log in using LunaCM, or supply their credentials via crypto applications.

Table 2: Partition Roles

| Role | PED Key | Responsibilities |
| --- | --- | --- |
| Partition Security Officer (PO) | Blue | Initializes the partition, creating the PO credential and setting the cloning domain; initializes the Crypto Officer role and can reset the CO credential (if permitted by HSM policy); configures partition policies |
| Crypto Officer (CO) | Black | Creates and modifies cryptographic objects on the partition; manages backup and restore operations for the partition; performs cryptographic functions via user applications; initializes the Crypto User role and can reset the CU credential |
| Crypto User (CU) | Gray | Performs cryptographic functions via user applications (optional read-only role); can create public objects only; can perform backup/restore of public objects on the partition |
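The following is an added example, not Thales code or LunaCM syntax: a default-deny model of the role hierarchy in Tables 1 and 2 that a deployment reviewer can use to check an intended role-to-task mapping. The role and action names are assumed labels chosen for the model; it also checks that roles are only initialized after the role that creates them (SO creates the partition, PO initializes CO, CO initializes CU).

```python
"""Model of the SafeNet Luna PCIe HSM role hierarchy described in Tables 1 and 2 (added example)."""
from dataclasses import dataclass

# role -> (level, PED key colour, permitted actions); action names are assumed labels, not LunaCM commands
ROLES = {
    "SO": ("hsm", "Blue", {"hsm_init", "partition_create", "partition_delete", "hsm_policy", "firmware_update"}),
    "AU": ("hsm", "White", {"audit_log"}),
    "PO": ("partition", "Blue", {"partition_init", "co_init", "co_reset", "partition_policy"}),
    "CO": ("partition", "Black", {"create_object", "modify_object", "backup", "restore", "crypto_op", "cu_init", "cu_reset"}),
    "CU": ("partition", "Gray", {"crypto_op", "create_object", "backup", "restore"}),
}
# Which role must already exist before each role can be initialized (from Tables 1 and 2).
INITIALIZED_BY = {"PO": "SO", "CO": "PO", "CU": "CO"}


@dataclass
class Request:
    role: str
    action: str
    private_object: bool = False     # the action creates, backs up or restores a private (non-public) object
    co_reset_policy_on: bool = True  # HSM policy that permits the PO to reset the CO credential


def is_permitted(req: Request) -> bool:
    """Default-deny evaluation of one request: unknown roles and actions outside the role's set are refused.
    HSM-level roles (SO, AU) have no cryptographic actions, so they can never touch application-partition objects."""
    if req.role not in ROLES or req.action not in ROLES[req.role][2]:
        return False
    # Crypto User may create, back up or restore public objects only; it may still use keys for crypto operations.
    if req.role == "CU" and req.private_object and req.action != "crypto_op":
        return False
    # Partition SO may reset the CO credential only when HSM policy permits it.
    if req.action == "co_reset" and not req.co_reset_policy_on:
        return False
    return True


def ped_key(role: str) -> str:
    """PED key colour presented at login for the given role."""
    return ROLES[role][1]


def valid_init_order(sequence: list) -> bool:
    """True if every role in the sequence is initialized only after its creating role; SO and AU have no prerequisite."""
    seen = set()
    for role in sequence:
        prereq = INITIALIZED_BY.get(role)
        if role not in ROLES or (prereq is not None and prereq not in seen):
            return False
        seen.add(role)
    return True
```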