Next:
Key Pair Generation and
Up:
cps-medium
Previous:
Documentation supplied to personnel
Contents
TECHNICAL SECURITY CONTROLS
Subsections
Key Pair Generation and Installation
Key pair generation
Private key delivery to entity
Public key delivery to certificate issuer
CA public key delivery to users
Key sizes
Public key parameters generation
Parameter quality checking
Hardware/software key generation
Key usage purposes (as per X.509 v3 key usage field)
Private Key Protection
Standards for cryptographic module
Private key (n out of m) multi-person control
Private key escrow
Private key backup
Private key archival
Private key entry into cryptographic module
Method of activating private key
Method of deactivating private key
Method of destroying private key
Other Aspects of Key Pair Management
Public key archival
Usage periods for the public and private keys
Activation Data
Activation data generation and installation
Activation data protection
Other aspects of activation data
Computer Security Controls
Specific computer security technical requirements
Computer security rating
Life Cycle Technical Controls
System development controls
Security management controls
Life cycle security ratings
Network Security Controls
Cryptographic Module Engineering Controls
David Groep
2001-10-12
