AEP KOREANET
DATA

HSM ÀÚ·á½Ç °ü·ÃÀڷḦ ´Ù¿î·Îµå ¹ÞÀ» ½Ç ¼ö ÀÖ½À´Ï´Ù.

Äڵ弭¸í ÀÎÁõ¼­¿Í Private-KeyÀÇ ¾ÈÀüÇÑ º¸°ü
µî·ÏÀÏ
2016-03-28
Á¶È¸¼ö
1843
Äڵ弭¸í ÀÎÁõ¼­¸¦ ¾ÈÀüÇÏ°Ô º¸È£ÇÏ·Á¸é, Äڵ弭¸í¿¡ »ç¿ëµÇ´Â Private-key¸¦ ¾ÈÀüÇÏ°Ô º¸È£ÇØ¾ß ÇÑ´Ù°í ÇÕ´Ï´Ù.

½Ã¸¸ÅØ(Symantec)¿¡¼­ ÀÛ¼ºÇÑ Whitepaper¸¦ º¸¸é, Code-Signing Certificate¸¦ ¹ßÇàÇÏ´Â CA ±â°üÀ¸·Î¼­ ½Ã¸¸ÅØÀº, Certificate ¹ßÇà½Ã »ç¿ëÇÏ´Â ÀÚ»çÀÇ Private-Key¸¦ ¾ÈÀüÇÏ°Ô º¸È£Çϱâ À§ÇÏ¿© HSM Àåºñ¸¦ »ç¿ëÇÏ°í ÀÖ´Ù°í ÇÕ´Ï´Ù. ¶ÇÇÑ Äڵ弭¸íÀ» ¼öÇàÇÏ´Â ±â¾÷Àº ÀÚ»çÀÇ Private-Key¸¦ ¾ÈÀüÇÏ°Ô º¸È£Çϱâ À§ÇÏ¿© HSM À» »ç¿ëÇÒ °ÍÀ» ±Ç°í ÇÏ°í ÀÖ½À´Ï´Ù. Whitepaper¿¡¼­´Â FIPS 140-2 Level 3¸¦ ¾ð±ÞÇÏ°í ÀÖÀ¸¸ç, Private-Key¸¦ º¸°üÇÏ°í ÀÖ´Â HSMÀåºñ ÀÚü¸¦ µµµÏ¸ÂÁö ¾Ê´Â ÇÑ ¾ÈÀüÇÏ´Ù°í ¾ð±ÞÇÏ°í ÀÖ½À´Ï´Ù.

´ç»ç°¡ ±¹³»¿¡ °ø±ÞÇÏ°í ÀÖ´Â KeyperPlus ¶ó´Â HSM Àåºñ´Â FIPS 140-2 Level 4 ÀÎÁõÀ» ¹ÞÀº Àåºñ·Î, HSM Àåºñ¸¦ µµµÏ ¸Â´õ¶óµµ ÀúÀåµÈ Private-Key¸¦ ¿ÜºÎ·Î ³ëÃâ½ÃÅ°Áö ¾Êµµ·Ï ÀÚµ¿ Æıâ ÇÏ´Â ±â´ÉÀ» °¡Áö°í ÀÖ½À´Ï´Ù. .

½Ã¸¸ÅØ¿¡¼­ ÀÛ¼ºÇÑ Whitepaper : Securing Your Private Keys As Best Practice for Code Signing Certificates :
https://www.symantec.com/content/en/us/enterprise/white_papers/b-securing-your-private-keys-csc-wp.pdf