A program requiring network access to a repository of security assets needs to obtain credentials that are required to authenticate to the repository. For interactive programs these can be obtained by prompting the user for the credentials, such as a password or key. For non-interactive programs, such as daemon programs running on server hosts, this becomes difficult.
Sometimes a hardware security module or smart card can be used to store the credentials, but a hardware based solution presents its own problems in terms of cost and hardware compatibility issues, and often requires a PIN to access the device that holds the key or password used to authenticate. Additionally, hardware based solutions may not be an option in a cloud environment. A common solution is to persist the credentials outside of the security asset repository, which undermines the point of having such a repository and creates additional security asset management problems.
There is thus a need for addressing these and/or other issues associated with the prior art.