Note: Before you proceed with the configurations explained in this section, ensure that you have set up the HSM server and client, and generated the 3DES key in the HSM. Refer to "(Optional, Only If You are Using HSMs) Requirements for HSM" for more information.
As mentioned in "Hardware Security Module (HSM) Requirements", RiskMinder now supports Hardware Security Module (HSM) to secure your data. If you choose to encrypt the data by using HSM, then the data that is stored in the database is encrypted with the key that resides in the HSM.
By default, RiskMinder uses the software (S/W) mode to encrypt data. Therefore, you must change the mode to hardware (chrysalis or nfast). You do so by using the [arcot/crypto/device] section in arcotcommon.ini. This file also provides separate sections for configuring the required HSM, which in the current release are:
Based on the HSM you are configuring, specify the sharedLibrary parameter in the corresponding section. After you specify the HSM information, re-create the securestore.enc file with the HSM key label, initialize the HSM, and then initialize RiskMinder to use the HSM key.
|
Copyright © 2013 CA.
All rights reserved.
|
|