Softcard for nCipher

In this section:

FIPS 140-2 level 3 requires user authentication to access functions that use keys in the HSM. nCipher supports this by requiring you to present an operator smart card each time you ran an application that wanted to access some application keys. This may seem secure, but it is not the case when you are using an application, which runs continuously and without any intervention. Recently nCipher addressed this issue with the concept of a softcard. A softcard appears just like an operator smart card but is instead a file on the hard disk. A PIN is also associated with this softcard just like a normal smart card, but the advantage is that an application can run unattended.


Top of page

x
Creating a Softcard

Assuming you have nCipher card installed as well as the software, you can run KeySafe to create a softcard:

Select Start, All Programs, KeySafe. On the left pane you will see a menu option for softcards. Select this option and then create a softcard.

You will be prompted for a name plus a PIN. You can list the slots using \nfast\bin\ckinfo to make sure you have your softcard installed as slot 1. You can list your softcards and you can run ckinfo from within \nfast\bin to show the slot configuration.


Top of page

x
Multiple Softcards

If you create more than one softcard, it appears that the slot numbers are allocated incrementally from 1 and higher, based on the alphabetic listing of the softcard names. This will not be a problem if you have only one softcard. However, if you plan to use multiple softcards, you must make sure that you have the correct slotListIndex configured in the nCipher configuration file for the SUN PKCS11.


iWay Software