A Security Officer manages security settings, users, sites, and Transfer Partners. This chapter describes the following:
Operations that a user who has been given a Security Officer role can perform. If you have been assigned multiple roles, refer to the appropriate chapter for instructions on performing the specific role.
Procedures for enabling and disabling a technical support account.
As a Security Officer, you can manage the entities (KMAs, users, sites, Transfer Partners) as well as various security aspects of the system.
The KMA List menu option allows you to:
View KMAs
Create a KMA
Modify a KMA's information
Delete a KMA
Modify a Key Pool size (refer to "Modifying a Key Pool Size"). This is a Backup Operator function.
Note: All six roles can now access the KMA List panel and view the key pool size. |
To view KMAs:
From the System Management menu, select KMA List. The KMA List screen is displayed.
You can also scroll through the database and filter the KMA list by any of the following keys:
KMA Name
Description
Site ID
Management Network Address
Service Network Address
Management Network Address (IPv6)
Service Network Address (IPv6)
Version
Failed Login Attempts
Enrolled
The Use button applies the filter to the displayed list for the KMA.
The fields and their descriptions are as follows:
Filter:
Displays the fields that you can use to filter the results of queries made to the KMA. Possible values are:
KMA Name
Description
Site ID
Management Network Address
Service Network Address
Management Network Address (IPv6)
Service Network Address (IPv6)
Version
Failed Login Attempts
Enrolled
Filter Operator box:
Click the down-arrow and select the filter operation you want. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Empty
Not empty
Filter Value 1 box:
If you selected one of the date filters, click Set Date to specify start date and time. The value appears as a starting value of the filter key range. If you selected any other filter, type a value in this field.
Filter Value 2 box:
If you selected one of the date filters, click Set Date to select an end date and time. The value appears as an ending value of the filter key range.
Use:
Click this button to apply the filter to the displayed list.
Refresh:
Click this button to refresh the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Click this button to go to the next page.
Results in Page:
Displays the number of records per page that were configured in the Query Page Size field in the Options dialog box.
KMA Name
Displays the user-supplied identifier that distinguishes each KMA in a Cluster.
KMA ID
Displays a system-generated unique identifier that identifies the KMA.
Description
Describes the KMA.
Site ID
Describes the site to which the KMA belongs.
Management Network Address
Displays the IP address of the KMA on the management network.
Service Network Address
Displays the IP address of the KMA on the service network.
Management Network Address (IPv6)
Displays the IPv6 address (if any) of the KMA on the management network.
Service Network Address (IPv6)
Displays the IPv6 address (if any) of the KMA on the service network.
Version
Displays the version number of the KMA software. For OKM 3.0 KMAs, the version string shows the following format: <OKM release>-5.11-<OKM build>. For example, 3.0.0-5.11-2012.
Failed Login Attempts
Displays the number of times that an attempted logon has failed.
Responding
Indicates whether the KMA is running. Possible values are True or False.
True indicates that the KMA is responding to requests from the KMA to which this OKM is connected (that is, the local KMA). While this status applies between every pair of KMAs in the Cluster, the values shown indicate whether each of the KMAs listed (that is, the remote KMAs) are responding to requests from the local KMA.
False indicates that the remote KMA is not responding to requests, perhaps because the remote KMA is down or the communications link to the remote KMA is down.
Responding on Service Network
Indicates whether or not the KMA is responding on the service network. Possible values are ”Responding,” ”Not Responding,” or ”Not Accessible.”
Responding indicates the KMA is responding to requests from the KMA this OKM is connected to (that is, the local KMA). While this status applies between every pair of KMAs in the Cluster, the values shown indicate whether each of the KMAs listed (that is, the remote KMAs) are responding to requests from the local KMA.
Not Responding indicates the remote KMA is not responding to requests, perhaps because the remote KMA is down or the communications link to the remote KMA is down.
Not Accessible indicates the remote KMA is not accessible to the local KMA, perhaps because the service network configuration does not provide a default or static route to that KMA.
Note: If the local KMA has configured a default route, then it is considered to have a route to remote KMAs. Other KMAs are shown as ”Not Responding” if they do not respond on the service network.If a default or static route is not defined, then other KMAs may be shown as ”Not Accessible.” Older KMAs (OKM 2.3.x or earlier) are shown as ”Responding.” |
Response Time
Displays the time (in milliseconds) that the KMA takes to respond to a request on its management network. This value is typically a few hundred milliseconds. It can be larger if a WAN connection exists between the local KMA and a remote KMA. It can also be larger if the communications link between KMAs is busy.
Replication Lag Size
Displays the number of updates before replication takes place. This number should be zero or a small value. Larger values indicate that replications are not getting completed in a timely manner, the communications link between KMAs is down or busy, or a remote KMA is down. This value will also be very large when a new KMA has just been added to the Cluster.
Key Pool Ready
Displays the percentage of unallocated keys that are ready.
Key Pool Backed Up
Displays the percentage of the Key Pool that has been backed up.
Note: N/A indicates that the KMA cannot determine this value, because either the KMA runs down-level software or it is currently using a lower Replication Version. |
Locked
Indicates whether or not the KMA is locked.
Note: N/A indicates that the KMA cannot determine this value, because either the KMA runs down-level software or it is currently using a lower Replication Version. |
Enrolled
Indicates whether the KMA has been added or logged into the Cluster successfully. Possible values are True or False.
True indicates that the KMA has successfully been added or logged into the Cluster.
This value is False when the KMA is first created and will change to True once the KMA has logged into the Cluster. It can also be False when the KMA's passphrase is changed. Once a KMA has logged in, the passphrase used to log in can no longer be used. The passphrase must be changed before the KMA can log into the Cluster again.
HSM Status
Indicates the status of the Hardware Security Module (HSM). Possible values are Unknown, Inactive, Software, Hardware, SW Error, HW Error, or Not Present.
Unknown
The KMA is running a software release older than KMS 2.2.
Inactive
The KMA currently does not need to use the HSM, typically because the KMA is locked.
Software
The HSM is not functional, and the KMA is using the software provider to generate Keys.
Hardware
The HSM is functional, and the KMA is using it to generate Keys.
SW Error/HW Error
The KMA encountered an error when it tried to query the status of the software provider (SW Error) or the HSM (HW Error).
Note: Normally, the HSM is functional (Hardware). However, if the HSM becomes non-functional (Software) and the FIPS Mode Only security parameter is set to Off (see "Retrieving the Security Parameters"), then the KMA switches to using the software provider to generate Keys. |
If the HSM becomes non-functional and the FIPS Mode Only security parameter is set to On, then the KMA cannot generate Keys or return AES wrapped key material to Agents.
If the value is Software, SW Error, or HW Error, check the Sun Crypto Accelerator (SCA) 6000 card on this KMA (see "Checking the SCA 6000 Card").
Not Present
The HSM is not present and the KMA is using the software provider to generate keys.
It is possible that an existing KMA in a Cluster may contain a failed SCA 6000 card. To identify a failed card, examine the rear of the KMA server and check the LEDs on the card.
A functional SCA 6000 card on a KMS 2.1, 2.2, or OKM 2.3 and later KMA that has been initialized through the QuickStart program displays a flashing green Status LED (identified with an S) and solid green FIPS (F) and Initialized (I) LEDs.
If the Status LED is not flashing green and the FIPS and Initialized LEDs are not solid green, then the KMA has a faulty SCA 6000 card, and the KMA must be replaced if FIPS mode is required.
See the SCA 6000 User Guide for a description of the LEDs on an SCA 6000 card.
If you want to create a KMA, click the Create button. For more information, refer to "Creating a KMA" below.
If you want to view / modify a KMA's details, highlight the KMA and click the Details button. For more information, refer to "Viewing/Modifying a KMA's Details".
If you want to delete a KMA, click the Delete button. For more information, refer to "Deleting a KMA".
To create a KMA:
From the KMA List screen, click the Create button. The Create KMA dialog box is displayed, with the General tab active.
Complete the following parameters:
On the General tab, supply the following information if required:
KMA Name
Type a value that uniquely identifies the KMA in a Cluster. This value can be between 1 and 64 (inclusive) characters.
Description
Type a value that uniquely describes the KMA. This value can be between 1 and 64 (inclusive) characters.
Site ID
Click the down-arrow and select the site to which the KMA belongs. This field is optional.
Open the Passphrase tab.
Complete the following parameters and click the Save button.
Enter Passphrase
Type the passphrase for this user. The minimum value is 8 characters; the maximum value is 64 characters. The default value is 8.
Passphrase requirements:
A passphrase must not contain the user's KMA Name.
A passphrase must contain three of the four character classes: uppercase, lowercase, numeric, or special characters.
The following special characters are allowed:
~ ! @ # $ % ^ & * ( ) - _ = + [ ] { } \ | ; : ' ” < > , . / ?
Control characters, including tabs and linefeeds, are not allowed.
Note: To modify the minimum length requirement for passphrases, see "Modifying the Security Parameters". |
Confirm Passphrase
Type the same value that you entered in the Enter Passphrase field.
The KMA record is added to the database and the entry is displayed in the KMA List screen.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
You must now run the QuickStart program on the KMA(s) you created so that they can join the Cluster. For procedures on joining a Cluster, refer to "Joining an Existing Cluster".
Note: If you are not a Security Officer, when you view a KMA's detailed information, all fields, including the Save button are disabled. |
To modify a KMA's details:
From the KMAs List screen, double-click a KMA entry for which you want more detailed information or highlight a KMA entry and click the Details button. The KMA Details dialog box is displayed.
On the General tab, change the following fields:
Description
Site ID.
On the Network Configuration tab, change the following fields:
Management Network Address
Service Network Address.
On the Key Pool Info tab, the following display-only fields appear:
Ready Keys
Displays the number of Keys that have been generated on this KMA and that have been backed up (for a single-node Cluster) or replicated to other KMAs (for a multi-node Cluster), but have not yet been given out to Agents for encryption.
Backup-Up Ready Keys
Displays the number of Ready Keys in the Key Pool that have been backed up. N/A means that the KMA cannot determine this value, because either the KMA runs down-level software or it is currently using a lower replication version.
Generated Keys
Displays the number of Keys that have been generated on this KMA but have not been backed up (for a single-node Cluster) or replicated to other KMAs (for a multi-node Cluster).
Key Pool Ready
Displays the percentage of Keys in the Key Pool that are ready to be used.
Key Pool Backed Up
Displays the percentage of Ready Keys in the Key Pool that have been backed up. N/A means that the KMA cannot determine this value, because either the KMA runs down-level software or it is currently using a lower replication version.
Open the Passphrase tab and modify the following parameters:
Passphrase
Confirm Passphrase (retype the same passphrase).
When you are finished, click the Save button. The KMA record in the database is modified.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
Note: You can change a KMA's passphrase, provided you are not connected to it. |
When you are creating a new Cluster, a random passphrase is automatically assigned to the KMA that is used to create the new Cluster. If the KMA wants to retrieve an entity's certificate from another KMA in the Cluster because its certificate has expired, then you would have to use this function to set the passphrase to a known value.
To set a KMA's passphrase:
From the KMA List screen, double-click the KMA entry or highlight a KMA entry and click the Details button. The KMA Details dialog box is displayed, with the General tab active.
Open the Passphrase tab and modify the following parameters:
Passphrase
Confirm Passphrase (retype the same passphrase).
Click the Save button to save the changes. The database entry for the KMA is changed.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
Using the Console, on the KMA where the passphrase has been changed, select the function to log the KMA into the Cluster. The KMA is not able to communicate with the Cluster until it is logged back in.
Note: If the KMA has been logged out of the cluster for at least a few hours, then lock the KMA before logging the KMA back into the cluster. After recent updates have been propagated to this KMA, as shown by the Replication Lag Size in the KMA List panel, unlock the KMA.Refer to the following topics for detailed information: |
Important – Before you delete a KMA, you should take it off-line using the Console ”Shutdown KMA” function. If you fail to do this, the KMA continues to function outside of the Cluster and sends ”stale information” to Agents and users.
Normally, this command is only used to delete a failed KMA from the Cluster. However, it may also be used to remove a KMA that is being decommissioned.
If you want a deleted KMA to rejoin a Cluster, you must reset the KMA to the factory default and select option 2 from the QuickStart program.
This option gives the Security Officer the ability to delete a KMA that is no longer in service.
To delete a KMA:
From the KMAs List screen, highlight the KMA you want to delete and click the Delete button. The following dialog box is displayed, prompting you to confirm that you want to delete the selected KMA.
Click the Yes button to delete the KMA. The currently selected KMA is deleted and you are returned to the KMAs List screen. The system also removes any entries that are associated with the KMA and not used by any other entity.
The KMA Performance List menu allows users with any role to query KMA performance information about KMAs in this OKM cluster.
This panel displays performance information about the key requests, replication requests, user requests, and Server Busy conditions that have been issued by each KMA. This information includes rate or count values and processing times.
Rate values represent the rate at which this KMA processed these requests within the selected time period. They are expressed as the average rate of these requests extrapolated over the selected rate display interval unit of time (for example, extrapolated average number of key requests per day). If you set the rate display interval to "entire time period," then the panel instead displays the count of requests this KMA processed within the selected time period.
Processing times represent the average time in milliseconds this KMA has taken to process the requests issued within the selected time period. These processing times are from the perspective of the KMA and describe the amount of time required to process requests internally. They do not include transmission times over the network or the amount of time required to establish an SSL connection.
This panel displays information about Server Busy conditions that the local KMA encountered within the selected time period. This condition indicates that other OKM threads are currently accessing OKM information in a local database and can occur during long-running OKM operations (such as OKM backups).
The OKM cluster must use replication version 15 or later before request processing times are available.
The User List menu option allows you to:
View users
Create a user
Modify existing user information
Delete an existing user.
To view users:
From the System Management menu, select User List. The User List screen is displayed.
You can also scroll through the database and filter the User list by any of the following keys:
User ID
Description
Roles
Enabled
Failed Login Attempts.
The Use button applies the filter to the displayed list for the user.
The fields and their descriptions are given below:
Filter:
Displays the fields that you can use to filter the results of queries made to the KMA. Possible values are:
User ID
Description
Enabled
Failed Login Attempts
Filter Operator box:
Click the down-arrow and select the filter operation you want. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Empty
Not Empty
Filter Value 1 box:
Type a value in this field.
Use:
Click this button to apply the filter to the displayed list.
Refresh:
Click this button to refresh the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of records per page that were configured in the Query Page Size field in the Options dialog box.
User ID
Displays a unique identifier, commonly referred to as ”User Name” that distinguishes each user in a Cluster.
Description
Describes the user.
Roles
Displays the list of security roles for a user. The roles allow the user to perform various operations.
Enabled
Indicates the status of the user. Possible values are True or False.
Failed Login Attempts
Indicates the number of failed login attempts.
If you want to create a user, click the Create button. For more information, refer to "Creating a User".
If you want to modify a user's details, highlight the user and click the Details button. For more information, refer to "Viewing/Modifying a User's Details".
If you want to delete a user, click the Delete button. For more information, refer to "Deleting Users".
A Security Officer can set a user's passphrase if the user's passphrase and/or certificate has been compromised. For procedures on setting a user's passphrase, refer to "Setting a User's Passphrase".
Users can also change their own passphrase. For procedures, refer to "Changing the Passphrase".
To create a user:
From the User List screen, click the Create button. The Create User dialog box is displayed, with the General tab open.
Complete the following parameters:
On the General tab:
User ID
Type a value that uniquely identifies the user. This value can be between 1 and 64 (inclusive) characters.
Description
Type a value that describes the user. This value can be between 1 and 64 (inclusive) characters.
Roles
Select the check boxes beside the roles you want the user to perform.
Note: The Quorum Member check box is disabled (grayed out) if the KMA currently runs KMS software version 2.1 or earlier or if the replication version of the OKM Cluster is currently set to 10 or lower. |
On the Passphrase tab:
Open the Passphrase tab.
Complete the following parameters:
Passphrase
Type the passphrase for this user. The minimum value is 8 characters; the maximum value is 64 characters. The default value is 8.
Passphrase requirements:
A passphrase must not contain the user's User ID.
A passphrase must contain three of the four character classes: uppercase, lowercase, numeric, or special characters.
The following special characters are allowed:
~ ! @ # $ % ^ & * ( ) - _ = + [ ] { } \ | ; : ' ” < > , . / ?
Control characters, including tabs and linefeeds, are not allowed.
Note: To modify the minimum length requirement for passphrases, see "Modifying the Security Parameters". |
Confirm Passphrase
Type the same value that you entered in the Enter Passphrase field.
Click the Save button. The user record is added to the database. The new user is displayed in the User List.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
Note: The currently logged-in Security Officers cannot modify their records. |
To modify user information:
From the Users List screen, double-click a user for which you want more information or highlight a user record and click the Details button. The User Details dialog box is displayed, where all fields, including the Save button, are disabled.
On the General tab, modify the following parameters:
Description
Roles
Flags - Enabled.
The Failed Login Attempts field displays the number of times that a login attempt has failed.
On the Passphrase tab, if you want to set the user's passphrase, see "Setting a User's Passphrase".
When you are finished, click the Save button.
If user roles have been added, the Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
Note: If user roles have not been added, user information is updated in the OKM Cluster after you click the Save button, and the Key Split Quorum Authentication dialog box is not displayed. |
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
As the Security Officer, you can set a user's passphrase if you believe that the user's passphrase and/or certificate has been compromised. A new certificate is generated when the user uses the new passphrase to logon to the KMA.
To set a user's passphrase:
From the User List screen, double-click the user whose passphrase you want to select or highlight the user and click the Details button.
The User Details dialog box is displayed. Open the Passphrase tab.
In the Enter Passphrase field, type the passphrase that was assigned by the Security Officer when the user account was created.
In the Confirm Passphrase field, type the same value you entered in the previous step. The new passphrase for the user record is saved.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
Users cannot delete themselves.
To delete a user:
From the Users List screen, select the user you want to delete and click the Delete button. The following dialog box is displayed, prompting you to confirm that you want to delete the selected user.
Click the Yes button to delete the user. The currently selected user is deleted and you are returned to the User List screen, where the deleted user is no longer in the User List.
The Role List menu option allows gives you the ability to view user roles. Roles are fixed logical groupings of various system operations that a user can perform. A user can have more than one role.
To view roles:
From the System Management menu, select Role List. The Role List screen is displayed.
You can also scroll through the database and filter the Roles list by either of the following keys:
Role ID
Description.
The Use button applies the filter to the displayed list.
The fields and their descriptions are given below:
Filter:
Displays the fields that you can use to filter the results of queries made to the KMA. Possible values are:
Role ID
Description
Filter Operator box:
Click the down-arrow and select the filter operation you want. Possible values are:
Equals =
Not equal <>
Empty
Not Empty
Filter Value 1 box:
Type a value in this field.
Refresh:
Click this button to refresh the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of records per page that were configured in the Query Page Size field in the Options dialog box.
Role ID
Displays the unique identifier that distinguishes each security role.
Description
Describes the role.
If you want more detailed information on a role, highlight a role entry and click the Details button. For more information, refer to "Viewing Operations for a Role".
The Role Operations dialog box allows the you to view a role and its permitted operations.
To view the operations for a specific role:
From the Role List screen, highlight a role and click the Details button. The Role Operations dialog box is displayed, indicating the operations for the selected role.
Click the Close button to close this dialog box. You are returned to the Role List screen.
A Site is a physical location with at least one KMA, to which several Agents (Hosts and OKM Cluster) connect. Sites allows Agents to respond to KMA failures or load balancing more effectively by connecting to another KMA in the local Site rather than a remote one
The Site List menu option gives you the ability to:
View sites
Create a site
Modify an site's information
Delete a site.
Note: An Operator can view sites only. A Security Officer can manage the sites. |
To view sites:
From the System Management menu, select Site List. The Site List screen is displayed.
You can also scroll through the database and filter the Sites list by any of the following keys:
Site ID
Description.
The Use button applies the filter to the displayed list for the Site.
The fields and their descriptions are given below:
Filter:
Displays the fields that you can use to filter the results of queries made to the KMA. Possible values are:
Site ID
Description
Filter Operator box:
Click the down-arrow and select the filter operation you want. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Filter Value 1 box:
Type a value in this field.
Use:
Click this button to apply the filter to the displayed list.
Refresh:
Click this button to refresh the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of records per page that were configured in the Query Page Size field in the Options dialog box.
Site ID
Uniquely identifies the site.
Description
Describes the site.
Click the Create button to create a Site. For more information, refer to "Creating a Site".
If you want to view / modify a Site's detailed information, highlight the Site and click the Details button. For more information, refer to "Viewing/Modifying a Site's Details".
Click the Delete button to delete a selected Site. For more information, refer to "Deleting a Site".
To create a site:
From the Site List screen, click the Create button. The Create Site dialog box is displayed.
Complete the following parameters:
Site ID
Type a value that uniquely identifies the site. This value can be between 1 and 64 (inclusive) characters.
Description
Type a value that uniquely describes the site. This value can be between 1 and 64 (inclusive) characters.
An example of a completed dialog box is shown below.
Click the Save button. The new Site is saved and stored in the database and is displayed in the Site List.
Note: If you are not a Security Officer, when you view a site's detailed information, all fields, including the Save button are disabled. |
To modify a Site's details:
From the Site List screen, click the Details button. The Site Details dialog box is displayed.
Change the Description field and click the Save button. The Site details are modified and stored in the database.
Note: If the site is in use, that is, agents or KMAs are specified to be at the site, they must first be deleted or changed to a different site before you can delete it. |
To delete a site:
From the Site List screen, highlight the Site you want to delete and click the Delete button. The following dialog box is displayed, prompting you to confirm your actions
Click the Yes button to delete the Site. The currently selected Site is deleted and you are returned to the Site List screen.
The following menus discuss viewing, creating, and modifying SNMP Managers.
Additionally, SNMP information is generated for users who have configured an SNMP Agent in their network and defined SNMP Managers in the OKM Manager GUI. When at least one SNMP Manager is defined in the OKM Manager GUI, the KMAs sends SNMP Informs to the IP address of that SNMP Manager(s).
You can provide an IPv6 address when creating or modifying an SNMP Manager.
Refer to Appendix A, "SNMP Management Information Base (MIB) Data" for more details about the information that KMAs send in their SNMP Inform packets.
To view the SNMP Managers:
From the System Management menu, select SNMP Manager List. The SNMP Manager List screen is displayed.
You can also scroll through the database and filter the SNMP Manager List by any of the following keys:
SNMP Manager ID
Description
Network Address
Enabled
User Name.
The Use button applies the filter to the displayed list for the SNMP Manager.
The fields and their descriptions are given below:
Filter:
Displays the fields that you can use to filter the results of queries made to the KMA. Possible values are:
SNMP Manager ID
Description
Network Address
Enabled
User Name.
Filter Operator box:
Click the down-arrow and select the filter operation you want. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Empty
Not empty
Filter Value 1 box:
Type a value in this field.
Use:
Click this button to apply the filter to the displayed list.
Refresh:
Click this button to refresh the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of records per page that were configured in the Query Page Size field in the Options dialog box.
SNMP Manager ID
Displays the user-defined unique identifier for the SNMP Manager.
Description
Displays a description for the SNMP Manager. This field is optional.
Network Address
Displays the network address that is used when sending an SNMP trap.
Enabled
Indicates whether this SNMP Manager is enabled or not.
User Name
Displays the user name that was used to establish a secure, trusted SNMPv3 connection to this SNMP Manager.
Protocol Version
Indicates the SNMP protocol version, either SNMPv3 (Version 3) or SNMPv2 (Version 2).
SNMP protocol Version 3 (SNMPv3) supports authentication, using user names and passphrases. SNMP protocol Version 2 (SNMPv2) does not support authentication and does not use user names and passphrases. You can configure an SNMP Manager to use either SNMPv3 or SNMPv2. KMAs do not send SNMP informs to SNMP Managers configured to use SNMPv2 if the replication version of the OKM Cluster is currently set to 10 or lower.
Click the Create button to create a new SNMP Manager. For more information, refer to "Creating a New SNMP Manager"below.
If you want to view/modify a SNMP Manager detailed information, highlight the entry and click the Details button. For more information, refer to "Viewing/Modifying an SNMP Manager's Details".
Click the Delete button to delete the selected SNMP Manager. For more information, refer to "Deleting an SNMP Manager".
If your SNMP agent is configured to use SNMP protocol Version 3, ensure that you have created an SNMP protocol Version 3 user before you create an SNMP manager in your OKM Cluster. This SNMP user should use SHA (not MD5) as the authentication protocol and DES as the privacy protocol. Refer to your SNMP Agent documentation for more information about creating SNMP Version 3 users.
Also, if the SNMP user has a passphrase, then the KMA uses this passphrase for both the Authentication Passphrase and the Encryption Passphrase for that SNMP user. Thus, these passphrases must have the same value for this SNMP user in the SNMP Agent. If the SNMP user does not have a passphrase, then the KMA uses a security level of ”noAuthNoPriv” when it sends SNMP informs to the SNMP Agent.
If your SNMP agent is configured to use SNMP protocol Version 2, then you do not need to configure an authentication protocol or create an SNMP user. Currently, OKM supports only the ”public” community for Version 2.
Consult your SNMP Agent documentation for more information about creating SNMP Users. For example, refer to the Solaris System Management Agent Administration Guide (http://docs.oracle.com/cd/E19253-01/817-3000/index.html
) for more information about configuring the System Management Agent on a Solaris system. Also, refer to http://www.net-snmp.org/FAQ.html
for more general information about Net-SNMP.
From the SNMP Managers List screen, click the Create button.
The Create SNMP Manager dialog box is displayed.
Complete the following parameters:
SNMP Manager ID
Type a value that uniquely identifies the SNMP Manager. This value can be between 1 and 64 (inclusive) characters.
Description
Type a value that describes the SNMP Manager. This value can be between 1 and 64 (inclusive) characters.
Network Address
Type the SNMP Manager's network address.
Flags - Enabled
Select this check box to indicate whether SNMP is enabled or not.
User Name
Type the user name that is used to authenticate the SNMP Manager.
Passphrase
Type the passphrase that is used to authenticate the SNMP Manager.
Confirm Passphrase
Type the same passphrase that was entered in the Passphrase field.
Protocol Version
Select the SNMP protocol version that this SNMP Manager should use. A value of SNMPV3 means that it is using SNMP protocol Version 3. A value of SNMPV2 means that it is using SNMP protocol Version 2.
SNMP protocol Version 3 (SNMPv3) supports authentication, using user names and passphrases. SNMP protocol Version 2 (SNMPv2) does not support authentication and does not use user names and passphrases. You can configure an SNMP Manager to use either SNMPv3 or SNMPv2. KMAs do not send SNMP informs to SNMP Managers configured to use SNMPv2 if the replication version of the OKM Cluster is currently set to 10 or lower.
When you are finished, click the Save button to save the information. The new SNMP Manager entry and its associated profile is stored in the database.
To view/modify an SNMP Manager's details:
From the SNMP Managers List screen, double-click an SNMP Manager entry for which you want more information and click the Details button. The SNMP Manager Details dialog box is displayed.
Change the parameters, as required.
When you are finished, click the Save button to save the changes.
Note: Every time you modify a SNMP Manager's details, you have to re-specify the passphrase. |
To delete an SNMP Manager:
From the SNMP Managers List screen, highlight the SNMP Manager you want to delete and click the Delete button. The SNMP Manager Confirm Delete dialog box is displayed.
Click the Yes button to delete the SNMP Manager. The currently selected SNMP Manager is deleted and you are returned to the SNMP Managers List screen.
Key Transfer, also called Key Sharing, allows keys and associated data units to be securely exchanged between Partners and is required to exchange encrypted media. This process requires each party in the transfer establish a public/private key pair and then provide the public key to the other party.
Each party enters the other party's public key into their own OKM Cluster. Once this initial configuration is complete, the sending party uses Export Keys to generate a transfer file, which is sent from the sending party to the receiving party. The receiving party then uses Import Keys to import the keys and their associated data units into their OKM Cluster.
The transfer file is signed using the sending party's private key and encrypted using the receiving party's public key. This allows only the receiving party to decrypt the transfer file using their own private key. The receiving party can verify the file was in fact produced by the expected sender by using the sender's public key.
The Key Transfer Partners feature allows keys to be moved from one OKM Cluster to another. Typically, this feature can be used to exchange tapes between companies or within a company if multiple Clusters are configured to deal with large numbers of sites.
The Key Transfer process involves these steps:
Each OKM Cluster configures the other Cluster as a Transfer Partner. This is usually done once.
The user exports keys from one OKM Cluster and imports them into the other. This step can be done many times.
Within the OKM, you must perform a number of tasks in a specific order. Since these tasks involve more than one user role, the actual procedures reside in different chapters in this document.
To move keys, you must configure a key transfer partner for both OKM Clusters participating in key movement.
In the following procedure, ”C1” refers to the first OKM Cluster, ”C2” to the second.
Administrator (Security Officer role):
C1 Administrator (Security Officer Role):
Acquire the Public Key information for C1 (your Cluster). To do this, go to the Key Transfer Public Key List Menu. See "Viewing the Key Transfer Public Key List" and "Viewing the Key Transfer Public Key Details".
Cut and paste the Public Key ID and Public Key into an e-mail or other agreed-upon form of communication. Send this information to the C2 administrator.
Note: The exact communication method should be sufficiently secure that when C2 receives the information, it can be confident it actually came from C1. There is a mechanism, the fingerprint, to prevent modification of this information in transit. |
C2 Administrator (Security Officer role):
C2 Administrator: Enter the Public Key information from C1 into the OKM Cluster by accessing the Transfer Partner List menu. See "Key Transfer Public Key List Menu".
Click the Create... button. Fill in a name for the Transfer Partner, a description, and contact information. Determine what you want to do with this Partner. See "Creating a Transfer Partner".
Select the Public Keys tab. Fill in the Public Key ID and Public Key from the information supplied by C1.
As the Public Key is entered, the system computes the fingerprint. The C1 and C2 administrators should be communicating with each other using a different mechanism than was used for the transfer of the key itself.
Both administrators should look at their OKM and verify the fingerprint matches. A mismatch indicates the key has been damaged or modified during the transfer.
If the fingerprint is correct, click Save. The system prompts for a quorum. This is because the key export operations that are enabled by this step could be used to extract valid keys from a OKM Cluster. C1 is now configured as a Transfer Partner in the C2 OKM Cluster.
C2 Administrator (Security Officer role):
C1 Administrator (Security Officer role):
C1 Administrator (Compliance Officer Role):
C1 must configure Key Groups that can be sent to C2. See "Viewing Key Group Assignments".
C2 Administrator (Compliance Officer Role):
C2 must configure Key Groups that can receive keys from C1. See "Viewing Key Group Assignments".
Select the desired Transfer Partner.
Select one or more disallowed Key Groups, and click the Move to back-arrow button to add them to the Key Group list. See "Adding a Key Group to a Transfer Partner".
Before you export keys, keys must meet all of the following criteria. Keys that do not are not exported when an Operator issues an Export Keys request.
Keys must belong to a Key Group associated with a Key Policy that has its Allow Export From
flag set to ”True.” See "Viewing/Modifying Data Unit Details" and "Viewing Key Groups".
To set the flag, refer to "Viewing/Modifying a Key Policy".
The destination key transfer partner must have its Enabled and Allow Export To
flags set to ”True.” See "Viewing/Modifying Transfer Partner Details".
To set the flag, refer to "Viewing/Modifying a Key Policy".
The destination key transfer partner must be associated with the Key Group of the selected key. See "Adding a Key Group to a Transfer Partner".
Keys must be in Protect and Process, Process Only, Deactivated, or Compromised state. See "Viewing/Modifying Data Unit Details".
In addition, the Export Format
setting of the destination transfer partner (see "Transfer Partner List") must match:
The software version
(see "Uploading and Applying Software Upgrades") on the KMA where the keys are to be imported and
The FIPS Mode Only
security parameter values (see "Retrieving the Security Parameters") on the OKM Clusters where the keys are to be exported and imported.
Table 5-1 summarizes the relationship between these settings.
Table 5-1 Export Format Settings
Software Version - Importing KMA | FIPS Mode Only - Exporting OKM Cluster | FIPS Mode Only - Importing OKM Cluster | Export Format |
---|---|---|---|
2.0.2 or lower |
Off |
N/A |
v2.0 or Default |
2.0.2 or lower |
On |
N/A |
v2.0 |
2.1 or higher |
Off |
Off |
v2.0 or Default |
2.1 or higher |
On |
Off |
v2.0 |
2.1 or higher |
Off |
On |
v2.1 (FIPS) |
2.1 or higher |
On |
On |
v2.1 (FIPS) or Default |
The following procedure is used to export keys from one OKM Cluster and import them into another. This can be done many times.
In this procedure, ”C1” refers to the first OKM Cluster, ”C2” to the second. These instructions are written to allow C2 to export keys that are then imported into C1.
C2 Administrator (Operator Role):
To exchange keys, go to the Data Unit List screen. See "Viewing Data Units".
Select one or more Data Units (tapes) to be sent from C2 to C1. The External Tag is the barcode on the tapes.
Keys associated with the selected Data Units must belong to Key Groups associated with Key Policies that have their Allow Export From
flag set to ”True.” These keys must also be activated (their Activation Date is not empty) and not destroyed (their Destroyed Date is empty). See "Viewing/Modifying Data Unit Details".
Click the Export Keys button to display the dialog box.
Select the destination Transfer Partner, select the Export Keys file name if necessary, and click Start. The Transfer File is created.
Only the Keys belonging to the Key Groups that are allowed to be exported to C1 are exported.
The selected destination Transfer Partner must be assigned to the Key Group to which these keys belong. See "Transfer Partner Assignment to Key Groups Menu".
Send the Transfer File to the C1 administrator by email or another agreed-upon form of communication or mechanism to move files.
C1 Administrator (Operator Role):
Select the Import Keys screen. See "Import Keys Menu".
Supply the Destination Key Group the keys are to be imported to, the Sending Transfer Partner (C2, in this case) that exported these keys, and the Key Transfer file name. The selected Key Group must be a Key Group that is configured to receive keys from C2.
That is, the Key Policy associated with the selected Key Group must have its Allow Import To
flag set to ”True.” Also, the selected Transfer Partner must have its Enabled
and Allow Import From
flags set to ”True,” and its Export Format value set as described above. The selected Transfer Partner must be assigned to the selected Key Group. See "Transfer Partner Assignment to Key Groups Menu".
Click Start.
The Key Transfer Partners feature allows keys to be moved from one OKM Cluster to another.
From the Secure Information Management menu, select Transfer Partner List.
You can also scroll through the database and filter the Transfer Partner list by any of the following keys:
Transfer Partner ID
Description
Contact Information
Enabled
Allow Export To
Allow Import From
The Use button applies the filter to the displayed list for the Transfer Partner.
The fields and their descriptions are given below:
Filter:
Select filter options to filter the displayed list of Transfer Partners. Only Transfer Partners that satisfy all filters are displayed.
Filter Attribute combo box:
Click the down-arrow and select an attribute to filter by. Possible values are:
Transfer Partner ID
Description
Contact Information
Enabled
Allow Export To
Allow Import From
Filter Operator combo box:
Click the down-arrow and select the filter operation to apply to the selected attribute. This filter option is not displayed for all filter attributes. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Empty
Not empty
Filter Value text box:
Type a value to filter the selected attribute by. This filter option is not displayed for all filter attributes.
Filter Value combo box:
Click the down-arrow and select a value to filter the selected attribute by. This filter option is not displayed for all filter attributes.
Click the plus button to add additional filters.
Click the minus button to remove a filter. This button is only displayed if there is more than one filter shown.
Use:
Click this button to apply the selected filters to the displayed list and go to the first page.
Refresh:
Click this button to refresh the displayed list. This does not apply filters selected since the last Use or Reset, and does not change the page of the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of items that can be displayed on the current page. Appends ”(last page)” to the number of items if you are at the end of the list. The maximum number of items displayed on a page is defined by the Query Page Size value on the Options dialog.
Transfer Partner ID:
Displays the unique identifier that distinguishes each Transfer Partner. This value can be between 1 and 64 (inclusive) characters. Click this Column Name to sort by this attribute.
Description:
Describes the Transfer Partner. This value can be between 1 and 64 (inclusive) characters. Click this Column Name to sort by this attribute.
Contact Information:
Displays contact information about the Transfer Partner. Click this Column Name to sort by this attribute.
Enabled:
Indicates whether the Transfer Partner is allowed to share keys. Possible values are True or False. If this field is False, the Transfer Partner cannot share keys. Click this Column Name to sort by this attribute.
Allow Export To:
Indicates whether the Transfer Partner is allowed to export keys. Possible values are True or False. If this field is False, the Transfer Partner cannot export keys. Click this Column Name to sort by this attribute.
Allow Import From:
Indicates whether keys can be imported from this Transfer Partner. Possible values are True or False. If this field is False, keys cannot be imported from this Transfer Partner. Click this Column Name to sort by this attribute.
Export Format:
Indicates whether keys can be wrapped (wrap keys encrypt the media key on the LAN and the token.)
In the Export Format column, a ”v2.0” value means that this Transfer Partner does not wrap keys when it exports them.
A ”v2.1 (FIPS)” value means that this Transfer Partner wraps keys when it exports them.
An ”N/A” value signifies that the connected KMA runs 2.0.x OKM software, and thus does not allow the user to select this setting.
Note: To exchange keys with a Cluster running KMS 2.0, the Security Officer should create a Transfer Partner that has an Export Format value of ”v2.0.” |
Refer to the FIPS Mode Only
parameter in "Retrieving the Security Parameters" for more information.
Public Key ID
Displays the unique identifier that distinguishes each Public Key. This value can be between 1 and 64 (inclusive) characters. Click this Column Name to sort by this attribute.
Public Key Fingerprint
Shows the fingerprint, or hash value, of the Public Key.
Entry Date
Displays the date the Public Key was entered into the OKM Cluster.
To create a Transfer Partner:
From the Transfer Partner List screen, click the Create button. The Create Transfer Partner dialog box is displayed, with the General tab active.
Complete the following parameters:
On the General tab:
Transfer Partner ID
Uniquely identifies the Transfer Partner.
Description
Type a value that uniquely describes the Transfer Partner. This value can be between 1 and 64 (inclusive) characters. This field can be left blank.
Contact Information
Type a value that identifies contact information about the Transfer Partner. This field can be left blank.
Export Format
Select either the default, v2.0, or v2.1 (FIPS) to determine the export format.
A ”v2.0” value means this Transfer Partner does not wrap keys when it exports them.
A ”v2.1 (FIPS)” value means this Transfer Partner wraps keys when it exports them.
A ”Default” value means when you are exporting a key transfer file for this Transfer Partner, the format depends on the setting of the FIPS Mode Only security parameter (see "Retrieving the Security Parameters").
If FIPS Mode Only is ”Off,” the format is v2.0. If FIPS Mode Only is ”On,” the format is v2.1 (FIPS).
Note: An advantage of setting a Transfer Partner's Export Format to ”Default” is that it allows you to alter the format of the Transfer Partner's transfer files simply by changing the FIPS Mode Only security parameter, instead of editing the Transfer Partner's Export Format setting directly, which requires a quorum to authenticate the change. |
Flags - Enabled
Select this box to allow this Transfer Partner to share keys. If the field is not selected, the Transfer Partner cannot share keys.
Allow Export To
Select this box to allow keys to be exported to the Transfer Partner. If this field is not selected, the Transfer Partner will not be available for the export keys operation.
Allow Import From
Select this box to indicate whether keys can be imported from this Transfer Partner. If this field is not selected, keys cannot be imported from this Transfer Partner.
Open the Public Keys tab.
On the Public Keys tab, you can enter the following information:
New Public Key ID
Enter the Public Key ID provided to you by the Transfer Partner.
New Public Key
Enter the Public Key provided to you by the Transfer Partner.
New Public Key Fingerprint
This read-only field shows the fingerprint, or hash value, of the new Public Key. Verify this fingerprint with the Partner to ensure the Public Key has not been tampered with, accidentally or deliberately, during transmission.
When you are finished, click the Save button.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
The Transfer Partner Details dialog box allows you to view detailed information about a specific Transfer Partner.
To view these details:
From the Transfer Partner List screen, highlight a Transfer Partner ID and click the Details button. The Transfer Partner Details dialog box is displayed.
On the General tab, you can change the following fields:
Description
Contact Information
Export Format
Flags Enabled
AllowExport To
Allow Import From
The Transfer Partner ID field is read-only.
When you are finished, click the Save button. The Transfer Partners record in the database is modified.
Open the Public Keys tab.
On the Public Keys tabs, you can change the following fields:
New Public Key ID
Enter the new Public Key ID provided to you by the Transfer Partner.
New Public Key
Enter the new Public Key provided to you by the Transfer Partner.
New Public Key Fingerprint
This read-only field shows the fingerprint, or hash value, of the new Public Key. Verify this key with the sending Transfer Partner.
Existing Public Keys
This list displays Public Keys associated with this Transfer Partner.
When you are finished, click the Save button.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
This option gives the Security Officer the ability to delete a Transfer Partner.
To delete a Transfer Partner:
From the Transfer Partner List screen, highlight the Transfer Partner ID you want to delete and click the Delete button. The Transfer Partner Confirm Delete dialog box is displayed.
Click the Yes button to delete the Transfer Partner. The currently selected Transfer Partner is deleted, and you are returned to the Transfer Partner List screen.
To share keys between Transfer Partners, Security Officers first must access Public Key information for their OKM Cluster. This menu provides public key information. The Public Key and Public Key ID displayed by this command must be sent to the Transfer Partner.
To view the Key Transfer Public Key List:
From the System Management menu, select Key Transfer Public Key List.
You can also scroll through the database and filter the Key Transfer Public Key List by any of the following keys:
Public Key ID
Created Date
Public Key
The Use button applies the filter to the displayed list for the Key Transfer Public Key List.
The fields and their descriptions are given below:
Filter:
Select filter options to filter the displayed list of Public Keys. Only Public Keys that satisfy all filters are displayed.
Filter Attribute combo box:
Click the down-arrow and select an attribute to filter by. Possible values are:
Public Key ID
Created Date
Public Key
Filter Operator combo box:
Click the down-arrow and select the filter operation to apply to the selected attribute. This filter option is not displayed for all filter attributes. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Empty
Not empty
Filter Value text box:
Type a value to filter the selected attribute by. This filter option is not displayed for all filter attributes.
Filter Value combo box:
Click the down-arrow and select a value to filter the selected attribute by. This filter option is not displayed for all filter attributes.
Filter Value combo box:
Click the down-arrow and select a value to filter the selected attribute by. This filter option is not displayed for all filter attributes.
Click the plus button to add additional filters.
Click the minus button to remove a filter. This button is only displayed if there is more than one filter shown.
Use:
Click this button to apply the selected filters to the displayed list and go to the first page.
Refresh:
Click this button to refresh the displayed list. This does not apply filters selected since the last Use or Reset, and does not change the page of the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of items that can be displayed on the current page. Appends ”(last page)” to the number of items if you are at the end of the list. The maximum number of items displayed on a page is defined by the Query Page Size value on the Options dialog.
Public Key ID:
Displays the unique identifier that distinguishes each Public Key. This value can be between 1 and 64 (inclusive) characters. Click this Column Name to sort by this attribute.
Created Date:
Displays the date and time when this Public Key was created. Click this Column Name to sort by this attribute.
The private key corresponding to the most recently created public key is used to sign all exported Key Transfer files.
Public Key:
Displays the Public Key used to perform key transfers between Transfer partners. This value is shown in base 64. Click this Column Name to sort by this attribute.
Public Key Fingerprint:
The hash of the Public Key. This value is used to verify the Public Key is correctly transmitted, and it is shown in base 64.
To view the Key Transfer Public Key details screen:
Select a Public Key and click the Details button.
The Key Transfer Public Key Details dialog box is displayed.
To create a Key Transfer Public Key:
Click the Create button.
Provide the new key to all existing Transfer Partners.
Since any Key Transfer files created after the new Key Transfer Public Key is created are signed with the new Key Transfer Public Key, partners must be provided with the new Key Transfer Public Key before they can import the new Key Transfer files.
The Backups List menu option allows the Security Officer to:
View the history of the Backups
View details of a Backup file
Restore Backups.
To view Backup files history:
From the Secure Information Management menu, select Backup List. The Backup List screen is displayed.
You can also scroll through the database and filter the Backup Files by any of the following keys:
Backup ID
KMA ID
Created Date
Destroyed Date
Destruction Status
Destruction Comment.
The + button applies the filter to the displayed list for the Backup file.
The fields and their descriptions are given below:
Filter:
Displays the fields that you can use to filter the results of queries made to the KMA. Possible values are:
Backup ID
Created Date
Destroyed Date
Destruction Status
Destruction Comment.
Filter Operator box:
Click the down-arrow and select the filter operation you want. Possible values are:
Equals =
Not equal <>
Greater than >
Less than <
Greater than or equals >=
Less than or equals <=
Starts with ~
Filter Value 1 box:
If you selected a date filter, click Set Date to specify start date and time. The value appears as a starting value of the filter key range. If you selected any other filter, type a value in this field.
Filter Value 2 box:
If you selected a date filter, click Set Date to select an end date and time. The value appears as a ending value of the filter key range.
Use:
Click this button to apply the filter to the displayed list.
Refresh:
Click this button to refresh the list.
Reset:
Click this button to remove all filters and reset the displayed list to the first page.
Click this button to go to the first page of the list.
Click this button to go to the previous page.
Click this button to go to the next page.
Results in Page:
Displays the number of records per page that were configured in the Query Page Size field in the Options dialog box.
Backup ID
Displays a system-generated unique identifier that distinguishes each Backup file.
KMA ID
Displays the KMA for which the Backup file was generated.
Created Date
Displays the date when the backup was created.
Destroyed Date
Displays the date that the Backup file was marked as being manually destroyed.
Destruction Status
Indicates the status of the backup with respect to its destruction. Possible values are:
NONE
The Backup file has not been destroyed and does not contain Data Unit keys that have been destroyed.
PENDING
The Backup file has not yet been manually destroyed and contains copies of Data Unit keys that have been destroyed.
DESTROYED
The Backup file has been manually destroyed.
Destruction Comment
Displays user-supplied information on the Backup file's destruction.
Details:
Click this button to view more detailed information on a Backup.
Create Backup:
Click this button to create a Backup. This button is not enabled if you are a Security Officer.
Restore:
Click this button to restore a Backup.
Confirm Destruction:
Click this button to confirm the destruction of a Backup. This button is not enabled if you are a Security Officer.
If you want more detailed information on a backup, highlight the backup and click the Details button. For more information, refer to "Viewing Backup Details".
Click the Restore button to restore the currently selected backup. For more information, refer to "Restoring a Backup".
The Backup Details dialog box is used to view the details of a Backup file.
Note: Backup files are created and restored on the KMA. |
To view the details of a Backup file:
From the Backups List screen, double-click the Backup entry for which you want more information or highlight the Backup entry and click the Details button. The Backup Details dialog box is displayed, with all fields read-only.
The fields and their descriptions are given below:
Backup ID
Displays a system-generated unique identifier that distinguishes each Backup file.
KMA ID
Displays the KMA on which this Backup file is generated.
Created Date
Displays the date and time when the Backup file was created.
Completed Date
Displays the date and time when the Backup file was completed.
Downloaded Date
Displays the date and time when the Backup file was downloaded.
Destroyed Date
Displays the date when the Backup file was destroyed.
Destruction Status
Indicates the status of the backup with respect to its destruction.
Destruction Comment
Displays user-supplied information on the Backup file's destruction.
Click the Close button to close this dialog box.
This function gives you the ability to upload and restore a backup that consists of a Backup file and a Backup key file to the KMA. Before you restore a Backup file to a KMA, ensure that you have the quorum for authentication.
Important – Before you start this procedure, you must perform the procedure "Restoring a Cluster From a Backup".
To restore a backup:
From the Backup List screen, highlight the Backup you want to restore and click the Restore button. The Restore Backup dialog box is displayed.
Select the desired Core Security backup, backup key file, and backup file. The backup key file and the backup must match, that is, they must have been created at the same time. The Core Security backup can be older or newer than the backup key file and backup file. Any Core Security backup file can be used with any backup key file and backup file.
Click the Start button.
When the upload process is completed, it is indicated on the Restore Backup dialog box and the Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
Note: The Security Officer must provide a sufficient quorum of Key Split Credentials. You initially set the Key Split Threshold value, which determines the quorum size, through the process shown in "Entering Key Split Credentials". The quorum value can be changed as discussed in "Modifying the Key Split Configuration". |
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
The Restore Backup dialog box is displayed, indicating the status of the restore process.
The fields and their descriptions are given below:
Backup File Name
Name of the backup file.
Backup Wrapping Key File Name
Displays the name of the Backup Key File.
Core Security Backup File Name
Name of the backup file containing Core Security Key material.
When the restore is completed, a message indicating this is displayed. Click the Close button to close this dialog box. The database and the Secure Key Store are restored to the KMA.
Note: After you successfully restore a backup, you need to update the IP address settings for the KMA. Network settings are not backed up, and thus are not restored. Refer to "Setting the KMA Management IP Address" and "Setting the KMA Service IP Addresses". |
The System Dump menu creates a system dump for problem resolution and downloads it to a compressed file on the system where the OKM Manager is running. The downloaded file is in a format that can be opened with compression utilities.
Note: The dump does not include any key material or information from which keys can be inferred. |
To create a system dump, from the System Management menu, select System Dump. The screen is displayed and shows an automatically-generated *.tar.Z file. If desired, you can click Browse to select a destination path.
Click the Start button to begin the download. The system displays messages indicating the amount of system dump information that is being downloaded in real-time and tells you when the process is complete.
Go to the destination path and open the *.tar.Z file to view the system dump information.
The fields and their descriptions are given below:
File Name:
Displays an automatically-generated *.tar.gz file.
Browse:
Click this button to specify a location for this file.
Start:
Click this button to initiate the download process.
The Security menu gives the Security Officer the ability to view and modify the KMA's security parameters.
Note: The Master Key Provider button is used only if you want the OKM Cluster to obtain master keys from an IBM mainframe. The button is enabled only when the replication version of the OKM Cluster is currently set to 11 or higher and the FIPS Mode Only value is ”Off.”See the OKM-ICSF Integration Guide for details. |
To retrieve the security parameters:
From the Security menu, select Security Parameters. The Security Parameters screen is displayed in read-only mode.
The fields and their descriptions are given below:
Note: For the following six Retention-related fields, there is just one audit log, and it resides in the largest file system in the KMA.The main reason for adjusting these parameters is to control how many audit log entries are returned in queries you issue from the Audit Event List menu (see "Viewing Audit Logs"). Entries in the audit log can show a short, medium, or long retention term. The KMA truncates (removes) old audit log entries based on the limit and lifetime of their retention term. For example, Short Term Audit Log entries are typically truncated more frequently than Medium Term Audit Log entries; Medium Term Audit Log entries are truncated more frequently than Long Term Audit Log entries. The Security Officer can define these retention term limits and lifetimes to control how frequently old audit log entries are removed. |
Short Term Retention Audit Log Size Limit
Displays the number of Short Term Audit Log entries that are retained before they are truncated. The default is 10,000. The minimum value is 1000; maximum value is 1,000,000.
Short Term Retention Audit Log Lifetime
Displays the amount of time (in days) that Short Term Audit Log entries are retained before they are truncated. The default is 7 days. The minimum value is 7 days; maximum value is 25,185 days (approximately 69 years).
Medium Term Retention Audit Log Size Limit
Displays the number of Medium Term Audit Log entries that are retained before they are truncated. The default is 100,000. The minimum value is 1000; maximum value is 1,000,000.
Medium Term Retention Audit Log Lifetime
Displays the amount of time (in days) that Medium Term Audit Log entries are retained before they are truncated. The default is 90 days. The minimum value is 7 days; maximum value is 25,185 days.
Long Term Retention Audit Log Size Limit
Displays the number of Long Term Audit Log entries that are retained before they are truncated. The default is 1,000,000. The minimum value is 1000; maximum value is 1,000,000.
Long Term Retention Audit Log Lifetime
Displays the amount of time (in days) that Long Term Audit Log entries are retained before they are truncated. The default is 730 days. The minimum value is 7 days; maximum value is 25,185 days.
Login Attempt Limit
Indicates the number of failed login attempts before an entity is disabled. The default is 5. The minimum value is 1; maximum value is 1000.
Passphrase Minimum Length
Displays the minimum length of the passphrase. The default is 8 characters. The minimum value is 8 characters; the maximum value is 64 characters.
Management Session Inactivity Timeout
Displays the maximum length of time (in minutes) a OKM Manager or Console login session can be left idle before being automatically logged out. Changing this value has no effect on sessions that are already in progress. The default is 15 minutes. The minimum value is 0, meaning no time is used; the maximum value is 60 minutes.
FIPS Mode Only
Displays the import key and format transfer file settings.
An "Off" value specifies that KMAs wrap keys whenever communicating with agents that support AES key wrap. Most customers should be running tape drive firmware that supports AES key wrap with the OKM agent service.
All PKCS#11 providers that support OKM include support for AES key wrap. You can confirm this by viewing the OKM audit log and noting that agents are using the agent service operations listed below. Specify an audit filter for Operation and choose any of the following specific operations from the pull down list:
Create Key v2
Retrieve key v2
Retrieve Keys v2
Retrieve Protect and Process Key v2
Any audit events in the resulting list confirm that the specified agent is using AES key wrap with OKM.
An ”On” value specifies that KMAs in this Cluster wrap Keys with an Advanced Encryption Standard (AES) wrapping key before sending them to Agents (tape drives). The KMA cannot import 1.0 keys and allows export and import of v2.1 (FIPS) format transfer files only.
The ”On” value can be set only if the current Replication Version is at least 10.
See the Export Format parameter in "Transfer Partner List" for more information.
Pending Operation Credentials Lifetime:
The amount of time (in days) that Key Split Credentials are retained as having approved a pending quorum operation. If an insufficient number of Key Split Credentials approve the pending quorum operation before this lifetime is reached, then these credentials expire. After they expire, Quorum Members must reapprove the pending quorum operation. The default is 2 days. This value is used only when the Replication Version is at least 11.
If you want to change the Security Parameters, click the Modify button. For more information, refer to "Modifying the Security Parameters".
To modify security parameters:
From the Security Parameters List screen, click the Modify button. The Modify Security Parameters screen is displayed.
The fields are described in "Short Term Retention Audit Log Size Limit".
Modify the security parameters, as required. When you are finished, click the Save button. The changes are saved in the KMA database.
The primary element of the Core Security component is the Root Key Material. It is key material that is generated when a Cluster is initialized. The Root Key Material protects the Master Key. The Master Key is a symmetric key that protects the Data Unit Keys stored on the KMA.
Core Security is protected with a key split scheme that requires a quorum of users defined in the Key Split Credentials to provide their user names and passphrases to unwrap the Root Key Material.
This security mechanism enables two operational states for the KMA: locked and unlocked.
A KMA in the locked state is not able to unwrap the Root Key Material, and thus is unable to access the Data Unit Keys. As a result, the KMA is unable to service Agent requests to register new Data Units or retrieve Data Unit Keys for existing Data Units.
A KMA in the unlocked state is able to use the Root Key Material to access the Data Unit Keys and service Agent requests for Data Unit Keys.
The Core Security menu contains the following menu options:
It allows the Security Officer to:
Create a Core Security backup
View/Modify Key Split Credentials
Enable/Disable the Autonomous Unlock Option.
The Backup Core Security option allows the Security Officer to back up Core Security Key material and download it to a file on the local system.
Caution: Core security backup files should be carefully protected. Because any Core Security backup file can be used with any backup file/backup key file pair, even old Core Security backup files remain useful. |
A new core security backup needs to be performed after the Key Split Credentials are modified.
Important – The Security Officer must back up Core Security Key material before the Backup Officer can create a backup. See "Creating a Backup".
From the Core Security menu, select Backup Core Security. The Backup Core Security dialog box is displayed.
Note: The Core Security Backup File names are automatically generated. However, you can edit the names, and you can also click the Browse button to select a destination path. |
Click the Start button to create the Core Security Backup file and download it to the user-specified destination.
When the backup is completed, a message is displayed. Click the Close button to close this dialog box
You are returned to the Backup Core Security screen.
The Key Split Configuration menu option gives the Security Officer the ability to view and modify the Key Split Credentials for the KMA.
To view the Key Split Configuration:
From the Core Security menu, select Key Split Configuration. The Key Split Configuration dialog box is displayed.
The fields and their descriptions are given below:
Key Split Number
Displays the number of key splits. The maximum is 10.
Threshold Number
Displays the number of users that are necessary to authenticate a quorum.
Split User (1-10)
Displays the user names of the existing split.
If you want to modify the Key Split user names, passphrases, and threshold number, click the Modify button. For more information, refer to "Modifying the Key Split Configuration".
To modify the Key Split configuration:
From the Key Split Configuration screen, click the Modify button. The Modify Key Split Configuration dialog box is displayed.
Complete the following parameters and click the OK button:
Key Split Number
Type a new value for the number of key splits. The maximum number is 10.
Threshold Number
Type a new value for the number of users that are required to form a quorum.
Split User x
Type the new user name. For each Split User, complete its associated Passphrase and Confirm Passphrase fields.
Note: The number of Split User fields that are enabled is dependent on the value that you entered in the Key Split Number field. |
Click the Save button after the last user name and passphrase is entered.
The Key Split Quorum Authentication dialog box is displayed after the new Key Split credentials are entered. Type the user name and passphrase for the existing quorum credentials and click the OK button. This is required to set ”new” credentials set in Step 2 and Step 3.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
The system updates the old configuration information with the new configuration in the database. The new configuration is displayed in the Key Split Credentials screen.
Note: The Core Security Key material is re-wrapped using the updated Key Split credentials. |
Create a new Core Security backup (see "Creating a Core Security Backup").
Note: Destroy all old Core Security backup files to ensure that the previous Key Split Credentials cannot be used to destroy a backup. |
The Autonomous Unlock Option menu option gives the Security Officer the ability to enable or disable the autonomous option for the KMA.
To enable or disable the Autonomous Unlock option:
From the Core Security menu, select Autonomous Unlock Option. The Autonomous Unlock Option screen is displayed, indicating the current autonomous status.
Depending on the current autonomous boot status, click the Enable Autonomous Unlock to enable this option or click the Disable Autonomous Unlock to disable the option.
Note: The Lock/Unlock button toggles between states and sets the KMA locked state opposite to the current state. |
You must provide a quorum to enable or disable the Autonomous Unlock Option.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
The Local Configuration menu includes the following options:
Lock/Unlock the KMA
Upgrade the software (see "Software Upgrade Menu")
Network configuration information
Auto Service Request.
The Lock/Unlock KMA menu option gives the Security Officer the ability to lock and unlock the KMA's Core Security. See "Core Security" for details on Core Security and the behavior of the KMA when Core Security is locked and unlocked.
To lock the KMA:
From the Local Configuration menu, select Lock/Unlock KMA. The Lock/Unlock KMA screen is displayed, indicating the state of the KMA. In this example, it is ”Unlocked.”
Click the Lock KMA button to lock the KMA. Once the button is pressed, it changes to Unlock KMA, indicating the new lock state and the allowed operation. The KMA is now locked.
Note: The Lock KMA/Unlock KMA button toggles between states and sets the KMA locked state opposite to the current state. Once a button is pressed, the text label and button label change to indicate the new lock state and the allowed operation. |
To unlock the KMA:
From the Lock/Unlock KMA screen, click the Unlock KMA button.
The Key Split Quorum Authentication dialog box is displayed. The quorum must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
If the authentication is successful, the Key Split Quorum Authentication dialog box closes and the KMA is unlocked.
The Software Upgrade menu option allows you to apply software upgrades; however, this requires two separate phases:
The Operator uploads a software upgrade file to the KMA and immediately applies the upgrade. See "Uploading and Applying Software Upgrades" for detailed information.
The Security Officer activates the inactive software version the Operator uploaded and applied.
Software updates are signed by Oracle and verified by the KMA before they are applied.
Before you execute this function, back up your system. For procedures, refer to "Creating a Backup".
Use an OKM Manager GUI release that matches the upgrade version you want to load on the KMA(s).
KMAs running OKM 3.0 can display up to three software versions in the Software Upgrade screen. OKM 2.x GUIs cannot activate a software version on an OKM 3.0 KMA. Install and use an Oracle Key Manager 3.0 GUI before uploading or activating a software version on an OKM 3.0 KMA.
For OKM 3.0 KMAs, the Software Upgrade screen displays software versions in reverse chronological order. That is, the newest version appears at the top of the list. Check the Active column to see which version is active.
OKM 2.x KMAs cannot be upgraded to OKM 3.0. Do not attempt to upload and apply an OKM 3.0 upgrade package onto an OKM 2.x KMA.
KMAs running KMS 2.1 or earlier must be upgraded to KMS 2.2 before they can be upgraded to OKM 2.3 and later.
The upload and apply process can be lengthy if the OKM Manager is remotely connected to the KMA or if the connection between the OKM Manager and KMA is slow. To mitigate this, the software upgrade file can be downloaded to a laptop or workstation that has the OKM Manager installed and the laptop or workstation connected to the same subnet as the KMA. The presence of a router between the OKM Manager and the KMA may slow down the upgrade process.
The upload and apply processes, with a good connection between the OKM Manager and the KMA, optimally take about 30 minutes. The activate process optimally takes about 5 to 15 minutes. If the uploading process is very slow, try connecting to the same subnet as the KMA.
Upload and apply the software upgrade file on each KMA one at a time (to help to spread out the network load), and then activate the software upgrade on each KMA one at a time (to minimize the number of KMAs that are offline concurrently).
If any of the upgrade processes fail (upload, verify, apply, activate, switch replication version), the OKM Manager generates audit messages describing the reason for the failure and a suggested solution.
The Technical Support account is disabled on the upgraded KMAs, and the accounts must be re-enabled if needed.
After the Operator uploads and applies the software upgrade, the Security Officer activates the inactive software version that the Operator uploaded and applied.
From the Local Configuration menu, select Software Upgrade. The Software Upgrade screen is displayed.
The active version of the software is highlighted, and the Active column is set to True. Any inactive versions are also shown. For OKM 3.0 KMAs, the version string has the following format: <OKM release>-5.11-<OKM build>. For example, 3.0.0-5.11-2012.
The buttons appearing on this screen include:
Activate
Select an inactive software version and then click this button to activate the selected software version. Messages are displayed, indicating when this software version is activated and the KMA reboots.
Switch Replication Version
Select the active software version and then click this button to switch the current replication version.
Software Upgrade File Name
The Operator can type the name of the software upgrade file.
Browse
The Operator can click this button to locate the software upgrade file on your local system.
Make sure there is a current backup of the OKM Cluster.
To activate the upgrade file, select the new version from the list of available versions at the top of the screen and click the Activate button. Until activated, the new version remains inactive on the system.
Note: The KMA reboots as part of the activate process. Since the KMA is offline while it reboots, you may not want to activate KMAs simultaneously in a Cluster. |
Users remain connected until you reboot the KMA. When you access the Software Upgrade screen again, the new uploaded software version is shown as the active version.
The Key Split Quorum Authentication dialog box is displayed. Users who have the quorum role must type their user names and passphrases to authenticate the operation.
If you provide a sufficient quorum of Key Split Credentials in the Key Split Quorum Authentication dialog box, then information is updated in the OKM Cluster after you provide a quorum, not when you click the Save button.
If you do not provide a sufficient quorum in the Key Split Quorum Authentication dialog box, two different outcomes can occur depending on the replication version:
The new software version may include new features available only when the OKM Cluster replication version is changed to a higher value.
The OKM Cluster must be switched to the new replication version to enable all new features in the new software version.
Replication Version: | Result: |
---|---|
10 or lower | The operation fails and no information is updated in the OKM Cluster. |
11 or higher | The operation becomes pending. That is, the system adds the operation to a list of pending quorum operations (see "Pending Quorum Operation List Menu"). A popup message appears when the operation is added to this list.
No information is updated in the OKM Cluster until users with the Quorum Member role (Quorum Member users) log in and provide a sufficient quorum. |
Some features in the current software version are available only when the OKM Cluster replication version is set to the highest value supported by that software version.
The Security Officer manually sets the Replication Version. It is never changed automatically.
Log in to a KMA that has been activated and navigate to the Software Upgrade screen. If the Supported Replication Versions column includes a higher version than the Current Replication Version column, click the Switch Replication Version button.
Select a new replication version and click the OK button.
The Current Replication Version now displays the higher version, and the successful replication switch is sent to all other KMAs in the OKM Cluster.
Note: All KMAs in the Cluster should be responding and all KMAs must run a KMS or OKM version that supports the replication version that the Security Officer wants to set. |
Table 5-2 summarizes the features that require a particular replication version (or higher) across the KMS and OKM releases.
Table 5-2 Replication Versions/Features
Replication Version | KMS/OKM Version | Features Enabled |
---|---|---|
8 |
2.0 |
Everything related to initial release |
9 |
2.0.2 |
Keys In Backup (ready keys appear in backups) |
10 |
2.1 |
IPv6 addresses AES Key Wrap (FIPS Mode) |
11 |
2.2 |
ICSF integration Distributed Quorum SNMP Protocol version 2c |
12 |
2.3 |
Accelerate initial updates |
13 |
2.4 |
Agent Roaming |
14 |
2.5.2 |
Allow Agents to revoke keys |
15 |
3.0 |
Processing times available in performance reports |
The Network Configuration menu option shows network configuration settings for the KMA to which you are currently connected. These settings are established in the configuration screens described in "Using the OKM Console".
To display the network configuration, from the Local Configuration menu, select Network Configuration. The Network Configuration screen is displayed.
The fields are described below:
Description
Displays whether the related information applies to the Management or Service Network Address.
Interface Name
The Management or Service Network Hostname established in the QuickStart program.
IP Address
The IP address of the Management or Service Network.
Netmask
The Subnet Mask address for the Management or Service Network.
DNS Server(s)
One or more DNS name servers (if any) used by this KMA.
DNS Domain Name
The DNS domain (if any) used by this KMA.
DNS Configured by DHCP
An indication whether these DNS settings were configured implicitly by DHCP.
Note: When the Oracle Key Manager GUI is connected to an OKM 3.0 KMA, the Network Configuration Panel does not show the DNS Configured by DHCP checkbox. QuickStart displays DNS information acquired by DHCP, but the user must enter static DNS information or disable it entirely, as described in "Specifying the DNS Settings". Thus, the DNS Configured by DHCP checkbox does not appear. |
Using DHCP
Indicates whether or not the Management or Service Network uses DHCP.
Destination
The subnet that network traffic goes to from this KMA.
Gateway
The Gateway IP address that network traffic is routed to for the Management or Service Network.
Modifiable
Indicates whether or not the Gateway configuration is modifiable. Gateways that are configured automatically are not modifiable.
This menu allows you to query load information about the KMA the GUI is connected to. All user roles can access this information.
The System Time menu option gives you the ability to set the system clock to which you are connected. To ensure the correct operation of the OKM solution, it is very important to maintain the times reported by each KMA in a Cluster within five minutes of each other. You can provide an IPv6 address for an external NTP server.
To retrieve the local clock information:
From the System Management menu, select System Time. The System Time screen is displayed.
The fields and their descriptions are given below:
Current System Time
Displays the current system time.
System Time Retrieved At
Displays the local Client time when the KMA's system time was retrieved.
Adjust Time
Click this button to modify the system time.
If you want to modify the KMA's clock, click the Adjust Time button. For more information, refer to "Adjusting the KMA's Local Clock" below.
NTP Server
Displays the NTP server that this KMA uses (if any). The Security Officer can provide an IPv6 address for an external NTP server. This IPv6 address must not include square brackets or a prefix length.
Specify NTP Server
Click this button to specify the NTP server to be used by this KMA.
You can only adjust a KMA's clock once a day by a maximum of plus or minus 5 minutes. A positive (+) adjustment slowly moves the clock forward, whereas a negative (-) slowly moves the clock backward.
To adjust the KMA's local time:
From the System Time menu, click the Adjust Time button. The Adjust System Time dialog box is displayed.
Select the ”Move System Time Forward (+)” radio button if you want to apply a positive adjustment to the clock. Otherwise, select the ”Move System Time Backward(-)” radio button if you want to apply a negative adjustment to the clock.
In the Offset Minutes text box, select a numeric value.
In the Offset Seconds text box, select a numeric value.
Note: If the specified offset is too large, an Error message is displayed, prompting you to type a smaller value. Click the OK button to close this dialog box and type a new value. |
Click the Save button to accept the changes. The System clock is adjusted.