HP Device Manager 4.5 - Security Mechanism
• One user is classified as the super administrator and others are classified as ordinary administrators.
• Each ordinary administrator can be put into or removed from a group. All administrators in the same group have the
same privileges.
• Each ordinary administrator or group can be granted certain privileges, such as managing specific thin client devices or
executing specific operations. The super administrator always has full control to the system.
Authentication management
HPDM provides an authentication capability that allows the HPDM Gateways and the HPDM Agents to recognize a secure
management server. There are three features for providing authentication: Key Management, Master Repository Controller
Access Control, and Gateway Access Control.
Key management
The authentication key enables the HPDM Agents to verify if the HPDM Server has the privilege to manage them. By default,
the HPDM Agents and HPDM Server have the same original key. For security, you can use Key Management to create a new
key, and then the HPDM Agents will update their keys automatically. After updating their keys, the HPDM Agents reject tasks
sent by servers that do not have the correct key.
An HPDM Agent saves the keys in the files key0.key and key1.key. The file key0.key is the default key and the file key1.key is
the current key. The key files are encrypted with DES in CBC mode. When the current key expires, the HPDM Agent uses the
default key to overwrite the current key.
To update an HPDM Agent key:
1. In the HPDM Console, select Key Management. Add a new key.
2. The HPDM Server sends the new key to the HPDM Gateway because the HPDM Gateway keeps the key list in its
memory.
3. When an HPDM Agent sends a startup report or tries to receive tasks, the HPDM Gateway will check the HPDM Agent
key’s MD5 hash value.
A. If the agent key’s MD5 cannot be recognized, the gateway will refuse the connection.
B. If the agent key’s MD5 belongs to an old key, the gateway will generate an update key task for the device. The
new key will be encrypted with the old one via a DES algorithm before being sent to the agent.
C. If the agent key’s MD5 is the same as the new one, the gateway will not do any additional operations.
4. The HPDM Agent receives the update key task, decrypts the new key using the old key, and updates the old key to the
new one.
Master Repository Controller access control
In the HPDM hierarchy, only the HPDM Server connects to the Master Repository Controller to manage the Master
Repository and Child Repositories. When the HPDM Server connects to the Master Repository Controller successfully, both
the HPDM Server and the MRC create an RSA key and an X.509 certificate. Then, they exchange the certificates, enroll them,
and start a TLSv1.0 connection for security. After the Master Repository Controller enrolls a certificate from an HPDM
Server, it rejects connections that either do not have a certificate or have a different certificate.
Gateway access control
The HPDM Server maintains the acknowledged status of a gateway, which is specified by the user from the HPDM Console.
When a gateway is discovered by the HPDM Server, the gateway is set to unknown status. You can either acknowledge the
gateway or ban it. The HPDM Server will neither establish a connection with a banned gateway nor receive any messages
sent from it unless it is later acknowledged.
By default, any gateway with an unknown status is treated like it is safe. HP recommends banning any unexpected
gateways that join the HPDM Server. Use the Gateway Access Control dialog to manually control access. Enable the option
to treat any gateways with an unknown status as unsafe unless they are later acknowledged.
Network communication
The connections between the HPDM components (Console, Server, Gateway, Agent, and Master Repository Controller) are
secure. is the components communicate through TLSv1.0 connections created with OpenSSL (www.openssl.org
). This
prevents data from leaking during network communication.
3