HSM ÀÚ·á½Ç °ü·ÃÀڷḦ ´Ù¿î·Îµå ¹ÞÀ» ½Ç ¼ö ÀÖ½À´Ï´Ù.
Äڵ弸í ÀÎÁõ¼¿Í Private-KeyÀÇ ¾ÈÀüÇÑ º¸°ü |
µî·ÏÀÏ | 2016-03-28 |
Á¶È¸¼ö | 1843 |
Äڵ弸í ÀÎÁõ¼¸¦ ¾ÈÀüÇÏ°Ô º¸È£ÇÏ·Á¸é, ÄÚµå¼¸í¿¡ »ç¿ëµÇ´Â Private-key¸¦ ¾ÈÀüÇÏ°Ô º¸È£ÇØ¾ß ÇÑ´Ù°í ÇÕ´Ï´Ù. ½Ã¸¸ÅØ(Symantec)¿¡¼ ÀÛ¼ºÇÑ Whitepaper¸¦ º¸¸é, Code-Signing Certificate¸¦ ¹ßÇàÇÏ´Â CA ±â°üÀ¸·Î¼ ½Ã¸¸ÅØÀº, Certificate ¹ßÇà½Ã »ç¿ëÇÏ´Â ÀÚ»çÀÇ Private-Key¸¦ ¾ÈÀüÇÏ°Ô º¸È£Çϱâ À§ÇÏ¿© HSM Àåºñ¸¦ »ç¿ëÇÏ°í ÀÖ´Ù°í ÇÕ´Ï´Ù. ¶ÇÇÑ Äڵ弸íÀ» ¼öÇàÇÏ´Â ±â¾÷Àº ÀÚ»çÀÇ Private-Key¸¦ ¾ÈÀüÇÏ°Ô º¸È£Çϱâ À§ÇÏ¿© HSM À» »ç¿ëÇÒ °ÍÀ» ±Ç°í ÇÏ°í ÀÖ½À´Ï´Ù. Whitepaper¿¡¼´Â FIPS 140-2 Level 3¸¦ ¾ð±ÞÇÏ°í ÀÖÀ¸¸ç, Private-Key¸¦ º¸°üÇÏ°í ÀÖ´Â HSMÀåºñ ÀÚü¸¦ µµµÏ¸ÂÁö ¾Ê´Â ÇÑ ¾ÈÀüÇÏ´Ù°í ¾ð±ÞÇÏ°í ÀÖ½À´Ï´Ù. ´ç»ç°¡ ±¹³»¿¡ °ø±ÞÇÏ°í ÀÖ´Â KeyperPlus ¶ó´Â HSM Àåºñ´Â FIPS 140-2 Level 4 ÀÎÁõÀ» ¹ÞÀº Àåºñ·Î, HSM Àåºñ¸¦ µµµÏ ¸Â´õ¶óµµ ÀúÀåµÈ Private-Key¸¦ ¿ÜºÎ·Î ³ëÃâ½ÃÅ°Áö ¾Êµµ·Ï ÀÚµ¿ Æıâ ÇÏ´Â ±â´ÉÀ» °¡Áö°í ÀÖ½À´Ï´Ù. . ½Ã¸¸ÅØ¿¡¼ ÀÛ¼ºÇÑ Whitepaper : Securing Your Private Keys As Best Practice for Code Signing Certificates : https://www.symantec.com/content/en/us/enterprise/white_papers/b-securing-your-private-keys-csc-wp.pdf |
|