S 4.88 Operating system security requirements when using crypto modules

Initiation responsibility: IT Security Officer

Implementation responsibility: IT Security Officer

Whenever crypto modules are used, the way in which they are integrated into or dependent on the operating system running on the host system is particularly significant. The interaction between the operating system and the crypto module must ensure that:

• the crypto module cannot be deactivated or circumvented (for example by manipulation or by the exchange of drivers),
• the keys used or stored cannot be compromised (for example by the reading out of RAM areas),
• the data being protected can be stored on data media (including being stored without encryption) or may leave the information-processing system (for example if there is a network connection) only with the knowledge of and under the control of the user,
• attempts at manipulation of the crypto module will be detected.

The level of the operating system security requirements is liable to vary according to the type of crypto module (implementation in hardware or software, strategy for integration into the IT component etc.), the conditions in which it is used and the degree of protection required for the data. Where crypto modules are implemented in software, the use of a secure operating system is particularly important. Commercial PC operating systems are generally so complex and subject to such short innovation cycles that it is barely possible to verify or prove the security of data or a system. One exception may be proprietary operating systems or operating systems optimised for special applications (such as special-purpose operating systems in cryptographic devices). It is therefore important when using cryptographic products with standard operating systems for such purposes as file encryption or the safeguarding of e-mails that all standard security measures for the operating system are put in place. The security-related requirements for these IT systems are described in the respective system-specific sections, for example for clients or for servers in layer 3.

Crypto modules implemented in hardware can be designed so as to compensate for deficiencies in operating system security, or to eliminate them altogether. The responsibility for satisfying the requirements specified above lies solely with the crypto module. It must be able to recognise, for example, whether or not authorisation is required to write unencrypted data to data media or other device interfaces, bypassing the module. The user must decide what combination of operating system and crypto module is required, in compliance with the security strategy drawn up for his particular working environment.

Review questions:

• Is it ensured that the crypto modules installed cannot be deactivated or circumvented without this being noticed?
• Does the interaction between the operating system and the crypto module ensure that the cryptographic keys cannot be compromised?