Re: [Ejbca-develop] Data security

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On 05/23/2013 04:06 PM, Miguel Angel Robledo wrote:
> Hi,
>
> I wanted to know if all system data are stored in database or some data
> are to be stored in filesystem. With respect to security wanted to know
> how keys private are stored.

All system data is stored in filesystem.
If you are using an HSM the CAs signing keys are stored in the HSM.
If you are using soft keys the CA signing keys are store in the 
database, encrypted with activation password.

> Also, i read the difference in the enterprise version vs community see
> the following description "Full database integrity protection of all
> tables, to detect database manipulation". In the community there are
> levels of security with respect to manipulation of the database?

Without "database integrity protection" the database security means 
apply, i.e. you have username/password and authorization rules set on 
your database accounts.

Cheers,
Tomas
-----
PrimeKey Solutions offers commercial EJBCA and SignServer support 
subscriptions and training courses. Please see www.primekey.se or 
contact in...@pr... for more information.
http://www.primekey.se/Services/Support/
http://www.primekey.se/Services/Training/