Common Data Security Architecture (CDSA) White Paper
What Is CDSA?
Figure 1-2 CDSA Components on HP-UX
CDSA Components in HP-UX
Each component of the HP-UX CDSA infrastructure provides a key element necessary for a
unified security architecture.
The Common Security Services Manager (CSSM) provides access to the general security
services, such as encryption/decryption, signatures, and so forth. The CSSM's Core Service
APIs:
• Provide capability for encryption, decryption, and authentication.
• Integrate and manage all modular security services.
• Provide support for additional add-in security modules.
• Provide CSP integrity services.
A Cryptographic Service Provider (CSP) implements the functionality implied by the API
functions and services, including:
• Bulk encryption and decryption
• Digital signing and verification
• Cryptographic hash
• Key exchange
• Key and key-pair generation
• Random number generation
• Encrypted storage of private keys
[Figure 1-2 diagram labels: Common Security Services Manager (CSSM) APIs at the top; beneath them, four module managers, each paired with its add-in module: Trust Policy Manager and Interface with the Trust Policy Library (TP); Data Storage Library Manager and Interface with the Data Storage Library (DL); Certificate Library Manager and Interface with the Certificate Library (CL); Cryptography Services Manager and Interface with the Cryptography Services Provider (CSP).]