Bitlocker, FIPS, and User Roles Question
I know that FIPS 140-2 provides roles (Crypto Officer and User), but I can’t seem to find the answers to two very specific questions.
1. If a PC operator is the User Role (AKA not a local administrator) and somehow promotes themselves to be local administrator (AKA Crypto Officer), which allows them access to the key through manage-bde, are they still compliant? In other words, can the standard operator or user who requires FIPS 140-2 be a Crypto Admin and still be compliant?
The article from NIST (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp947.pdf) does not give that much detail and the FIPS standard is very vague. From what I read, it sounds like the roles have to be separated and any overlap would mean non-compliance. Any clarification would be great.
Many thanks to anyone able to clarify this for me!
January 19th, 2011 11:30am
OK, how I read the standard is that there should be a clear demarcation between the Crypto officer and the user. To be compliant, it does appear you have to have policies and procedures in place as well.
Crypto officer guidance is concerned with the correct configuration, maintenance, and administration of the cryptographic module.
User guidance describes the security functions of the cryptographic module along with instructions, guidelines, and warnings for the secure use of the module. If a cryptographic module supports a maintenance role, user/crypto officer guidance describes the physical and/or logical maintenance services for operators assuming the maintenance role.
Crypto officer guidance shall specify:
  - the administrative functions, security events, security parameters (and parameter values, as appropriate), physical ports, and logical interfaces of the cryptographic module available to the crypto officer,
  - procedures on how to administer the cryptographic module in a secure manner, and
  - assumptions regarding user behavior that are relevant to the secure operation of the cryptographic module.
User guidance shall specify:
  - the Approved security functions, physical ports, and logical interfaces available to the users of a cryptographic module, and
  - all user responsibilities necessary for the secure operation of a cryptographic module.
February 29th, 2012 1:42pm