Personal Security Environment (PSE)
A personal security environment (PSE) is a secure location where the public-key information of a user or component is stored. The PSE for a user or component is typically located in a protected directory in the file system or on a smart card. It contains both the public information (public-key certificate and private address book) as well as the private information (private key) for its owner. Therefore, only the owner of the information should be able to access his or her PSE.
For example, the SAP Security Library (SAPSECULIB) stores the application server's information in a PSE. In this case, the PSE contains both the private address book for the SAP system as well as the SSF profile.
The PSE for a user or component contains the information needed to create and verify digital signatures and to create or open digital envelopes. As part of a system workflow, when the system creates a digital signature for a user, the user has to give the system explicit permission to access the information in his or her PSE. For example, he or she must enter the personal identification number (PIN) or passphrase that protects the PSE.
The exact structure and contents of the PSE are determined by the product that you use. Typical contents of a PSE include the user's public-key certificate, private address book, and private key.