diff --git a/quorum-key-management/src/component-documents/hardware-procurement-and-chain-of-custody.md b/quorum-key-management/src/component-documents/hardware-procurement-and-chain-of-custody.md index 4bda252..ebc2bcf 100644 --- a/quorum-key-management/src/component-documents/hardware-procurement-and-chain-of-custody.md +++ b/quorum-key-management/src/component-documents/hardware-procurement-and-chain-of-custody.md @@ -11,6 +11,7 @@ The following steps must all be completed under the continued supervision and wi ## Provisioning Equipment // ANCHOR: steps + 1. Selecting a Purchase Location * Select at least 4 stores which carry the type of equipment being purchased, then randomly select one using the roll of a die, or other random method. This is done in order to reduce the likelihood that a threat actor is able to plant a compromised computer in a store ahead of time. diff --git a/quorum-key-management/src/component-documents/tamper-evidence-methods.md b/quorum-key-management/src/component-documents/tamper-evidence-methods.md index db3e8b1..c3e05d6 100644 --- a/quorum-key-management/src/component-documents/tamper-evidence-methods.md +++ b/quorum-key-management/src/component-documents/tamper-evidence-methods.md 
@@ -115,13 +115,15 @@ Sealing bags of standard size objects which need to be protected can fit in. The 1. Insert object into plastic bag -2. Fill bag with enough plastic beads that all of the object is surrounded +1. Fill bag with enough plastic beads that all of the object is surrounded -3. Use vacuum sealer to remove air from the bag until the beads are no longer able to move +1. Use vacuum sealer to remove air from the bag until the beads are no longer able to move -4. Take photographs of both sides of the sealed object using both the digital and polaroid camera +1. Take photographs of both sides of the sealed object using both the digital and polaroid camera -5. Take the SD card to an online connected device and commit the photographs to a repository, ensuring the commit is signed +1. Date and sign the polaroid photographs and store them in a local lock box + +1. Take the SD card to an online connected device and commit the photographs to a repository, ensuring the commit is signed // ANCHOR_END: vsbwf-procedure-sealing @@ -130,11 +132,11 @@ Sealing bags of standard size objects which need to be protected can fit in. The 1. Retrieve photographs of the top and the bottom of the object which were taken of the sealed object -3. Compare polaroid and printed photographs of digital record to the current state of the sealed object +1. Compare polaroid and printed photographs of digital record to the current state of the sealed object -4. Compare polaroid to printed photographs of digital record +1. Compare polaroid to printed photographs of digital record -2. If there is no noticeable difference, proceed with unsealing the object, otherwise initiate an [incident response process (todo)](TODO). +1. If there is no noticeable difference, proceed with unsealing the object, otherwise initiate an [incident response process (todo)](TODO). // ANCHOR_END: vsbwf-procedure-unsealing 
@@ -155,15 +157,15 @@ Glitter can be used as an additional control to provide tamper evidence on speci 1. Clean the surface the glitter will be applied to -2. Apply a thin layer of the first type of glitter +1. Apply a thin layer of the first type of glitter -3. Wait for it to dry +1. Wait for it to dry -4. Repeat steps 2, 3 with the different types of glitter being used +1. Repeat steps 2, 3 with the different types of glitter being used -5. Take a photograph of the laptop, preferably using the [tamper proofing station](tamper-evidence-methods#tamper-proofing-station) +1. Take a photograph of the laptop, preferably using the [tamper proofing station](tamper-evidence-methods#tamper-proofing-station) -6. Ensure the SD card is in dual custody until it's uploaded to a repository, and signed by both parties (one creates a PR, the other creates a signed merge using the `git` CLI) +1. Ensure the SD card is in dual custody until it's uploaded to a repository, and signed by both parties (one creates a PR, the other creates a signed merge using the `git` CLI) #### Verification diff --git a/quorum-key-management/src/generated-documents/level-2/fixed-location/provisioner/pgp-key-bootstrapping.md b/quorum-key-management/src/generated-documents/level-2/fixed-location/provisioner/pgp-key-bootstrapping.md index a32dd6d..8879dc2 100644 --- a/quorum-key-management/src/generated-documents/level-2/fixed-location/provisioner/pgp-key-bootstrapping.md +++ b/quorum-key-management/src/generated-documents/level-2/fixed-location/provisioner/pgp-key-bootstrapping.md @@ -16,9 +16,11 @@ The initial set up requires the provisioner and operator to do all of these in a * SD Cards: [Provisioning Guide](./provision-sd-card.md) - * 3 per PGP keypair + * 3 per PGP keypair (for backups) -* Designated facility +* Designated [facility](./provision-facility.md) + +* Sealable plastic bag: {{ #include ../../../../component-documents/hardware-models.md:sealable-plastic-bags }} ## Procedure 
@@ -50,6 +52,8 @@ The following objects should be in the bundle: * Airgapped computer +#### Procedure + {{ #include ../../../../component-documents/tamper-evidence-methods.md:vsbwf-procedure-sealing}} 1. Create tamper proofed bundle (airgapos, laptop)
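Review bot: In the sealing hunk of tamper-evidence-methods.md (@@ -115,13 +115,15), the new step `Date and sign the polaroid photographs and store them in a local lock box` does not say who signs or who holds access to the lock box. The glitter procedure later in this file requires dual custody and two signers for the SD card; if the same is intended here, say so in this step and in the SD card step that follows it, otherwise one person can both produce and store the reference evidence.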
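Review bot: In the unsealing hunk of tamper-evidence-methods.md (@@ -130,11 +132,11), none of the visible steps checks the evidence before it is used as the reference. The sealing procedure now has the polaroids dated and signed and the digital photographs committed with a signed commit, but the first step only says `Retrieve photographs`. Suggest adding a step that checks the date and signature on the polaroids and verifies the commit signature on the digital record before the two comparisons. The failure branch also still points at `[incident response process (todo)](TODO)`, so a detected difference has no defined next action.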
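Review bot: In the glitter hunk of tamper-evidence-methods.md (@@ -155,15 +157,15), `Repeat steps 2, 3 with the different types of glitter being used` still refers to steps by number after every item has been renumbered to `1.`. The rendered list keeps counting, but the source no longer shows which steps are meant, and the reference will drift without warning if a step is inserted, as was done in the sealing procedure in this same patch. Suggest wording it by content, for example "Repeat the apply and dry steps for each additional type of glitter".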
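Review bot: In the requirements hunk of pgp-key-bootstrapping.md (@@ -16,9 +16,11), only the sealable plastic bag is added, while the sealing procedure this document includes also calls for plastic beads, a vacuum sealer, a digital and a polaroid camera, and now a local lock box. If those are not already listed above the visible lines, add them here so the operator does not discover a missing item in the middle of the ceremony. The file sits under generated-documents/, so please also confirm the edit is made in whatever source it is generated from.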
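Review bot: The `#### Procedure` heading added in the last hunk of pgp-key-bootstrapping.md (@@ -50,6 +52,8) repeats the title of the `## Procedure` heading that appears as context in the previous hunk of the same file, so the page ends up with two headings of the same name and links to the section become ambiguous. Suggest a specific title such as "Sealing procedure". The include on the following line is also written `vsbwf-procedure-sealing}}` without the space before `}}` that the include added in the previous hunk uses; pick one form.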