iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Integrating the WebSafe2 Internet Security
Processor (WISP)
iTP Secure WebServer System Administrator’s Guide—522659-001
5-2
The WISP provides maximum security for private communication because
•
It encrypts the iTP Secure WebServer’s private key with a Master File Key (MFK).
The WISP keeps the only copy of the MFK.
•
The WISP’s contents cannot be accessed over a network.
WISPs use industry-standard RSA and DES algorithms to offload the public/private key
encryption/decryption tasks from the server. It provides a physically and logically secure
location for these tasks to be performed, preventing unwanted access to keying material.
The contents of WISPs are protected by the MFK, which is a key loaded into it at
initialization time. The WISP can only be initialized and managed using a device called
a Secure Configuration Terminal (SCT); it cannot be controlled or its contents accessed
using a network connection.
WISPs are equipped with sensors designed to detect tampering, extreme variations in
temperature, and dangerous fluctuations in voltage.
Figure 5-1. WebSafe2 Internet Security Processors (WISPS) in an iTP Secure
WebServer Environment
WebSafe2
Interface Driver
(WID)
iTP Secure
WebServer
NonStop Kernel
Web
Clients
3615 Ethernet
LAN Controller
WebSafe2
Internet Security
Processors
(WISPs)
CDT012.CDD
3615 Ethernet
LAN Controller