DIRAC Functional Description
DIRAC Operator Roles
The implementation of the DIRAC system is compliant with FIPS 140-2 security level 2. This means:
• The cryptographic module employs role-based authentication to control access to the module.
• The cryptographic module is not required to authenticate the individual identity of the operator.
The cryptographic module supports the following authorized roles for operators:
• “User Role”:
The user role performs general security services, including cryptographic operations and other approved security functions.
In the DIRAC system, the “User Role” corresponds to the scope of the currently identified FOXMAN-UN user when using the FOXMAN-UN ESM, and to the scope of the DIRAC administrator when using the DIRAC CLI.
• “Crypto Officer Role”:
The crypto officer role performs cryptographic initialization or management functions, e.g. module initialization, input/output of cryptographic keys, and audit functions.
In the DIRAC system, the “Crypto Officer Role” corresponds to the actual scope of the DIRAC CLI (= ‘dirac’ user) and SENC1 CLI (= ‘admin’ user) commands, and to the scope of the SENC1 maintainer user.
The above roles are implemented using the “dirac” user account.