Part 1: General - Computer Security Resource Center - National ...
March, 2007

1. Section 1, Introduction, establishes the purpose, scope and intended audience of the Recommendation for Key Management.
2. Section 2, Glossary of Terms and Acronyms, provides definitions of terms and acronyms used in this part of the Recommendation for Key Management. The reader should be aware that the terms used in this recommendation may be defined differently in other documents.
3. Section 3, Security Services, defines the security services that may be provided using cryptographic mechanisms.
4. Section 4, Cryptographic Algorithms, provides background information regarding the cryptographic algorithms that use cryptographic keying material.
5. Section 5, General Key Management Guidance, classifies the different types of keys and other cryptographic information according to their uses, discusses cryptoperiods and recommends appropriate cryptoperiods for each key type, provides recommendations and requirements for other keying material, introduces assurance of domain parameter and public key validity, discusses the implications of the compromise of keying material, and provides guidance on cryptographic algorithm strength selection implementation and replacement.
6. Section 6, Protection Requirements for Cryptographic Information, specifies the protection that each type of information requires and identifies methods for providing this protection. These protection requirements are of particular interest to cryptographic module vendors and application implementers.
7. Section 7, Key States, identifies the states in which a cryptographic key may exist during its lifetime.
8. Section 8, Key Management Phases and Functions, identifies four phases and a multitude of functions involved in key management. This section is of particular interest to cryptographic module vendors and developers of cryptographic infrastructure services.
9. Section 9, Accountability, Audit, and Survivability, discusses three control principles that are used to protect the keying material identified in Section 5.2.
10. Section 10, Key Management Specifications for Cryptographic Devices or Applications, specifies the content and requirements for key management specifications. Topics covered include the communications environment, component requirements, keying material storage, access control, accounting, and compromise recovery.

Appendices A and B are provided to supplement the main text where a topic demands a more detailed treatment. Appendix C contains a list of appropriate references, and Appendix D contains a list of changes to the originally published version of this document.