Cryptoki Configuration

A number of steps must be taken in order for applications to operate correctly with ProtectToolkit-C. The ProtectToolkit-C environment can be extensively configured in order to allow for the wide range of security requirements that various applications may have. It is important therefore that these requirements be known when configuring ProtectToolkit so that the most suitable security settings and functionality for the particular applications can be chosen.

This chapter begins with an introduction to the application and security model used by ProtectToolkit-C. The chapter then covers the steps required to configure a system utilizing ProtectToolkit-C for the first time. The concepts of Trust Management and Token Replication are discussed and illustrated with examples. Finally, the Work Load Distribution Model is explained and a configuration example is provided.

This chapter contains the following sections:

>The ProtectToolkit-C Model

>Initial Configuration

•Trust Management

•Establishing Trust Relationships

•Token Replication

>Work Load Distribution Model (WLD) and High Availability (HA)

>External Key Storage

>Real-Time Clock

>ProtectToolkit-C Configuration Items