HSM Roles and Procedures
SafeNet Luna PCIe HSM divides roles on the HSM according to an enhanced version of the PKCS#11 standard. Configuration, administration, and auditing of the HSM itself is the responsibility of the roles described below. Cryptographic functions take place on the application partition, which has a different set of independent roles (see Partition Roles and Procedures).
Personnel holding the HSM roles described below access HSM functions by logging in to the Admin partition on the HSM using LunaCM. They must therefore have the appropriate Administrator access to the workstation hosting the SafeNet Luna PCIe HSM.
The HSM-level roles are as follows:
HSM Security Officer (SO)
The HSM SO handles all administrative and configuration tasks on the HSM, including:
>Initializing the HSM and setting the SO credential (see HSM Initialization)
>Setting and changing global HSM policies (see HSM Capabilities and Policies)
>Creating/deleting the application partition (see Create Application Partitions)
>Updating the HSM firmware (see Updating the SafeNet Luna PCIe HSM or SafeNet Luna Backup HSM Firmware)
Managing the HSM Security Officer Role
Refer also to the following procedures to manage the HSM SO role:
>Logging In as HSM Security Officer
Auditor (AU)
The Auditor is responsible for managing HSM audit logging. These responsibilities have been separated from the other roles on the HSM and application partition so that the Auditor can provide independent oversight of all HSM processes, and no other user, including the HSM SO, can clear those logs. The Auditor's tasks include:
>Initializing the Auditor role
>Setting up audit logging on the HSM
>Configuring the maximum size of audit log files and the time interval for log rotation
>Archiving the audit logs
Managing the Auditor Role
Refer to Configuring and Using Audit Logging for procedures involving the Auditor role. See also:
Administrator (AD)
The HSM Administrator is a deprecated role on the Admin partition whose functions are now served by the application partition roles (see Partition Roles and Procedures). Initializing this role is not recommended.