FIPS 140-2 and User Roles
I know that FIPS 140-2 provides roles (Crypto Officer and User), but I can’t seem to find the answers to two very specific questions.

1. If a PC operator is the User Role (AKA not a local administrator) and somehow promotes themselves to be local administrator (AKA Crypto Officer), which allows them access to the key through manage-bde, are they still compliant? In other words, can the standard operator or user who requires FIPS 140-2 be a Crypto Admin and still be compliant?

The article from NIST (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp947.pdf) does not give that much detail and the FIPS standard is very vague. From what I read it sounds like the roles have to be separated and any overlap would mean non-compliance. Any clarification would be great. Many thanks to anyone able to clarify this for me!
January 4th, 2011 8:45am
