User guide

CHAPTER 5

Security World

•

Creating a New Security World on page 17

•

Recovering an Archived Security World on page 20

Creating a New Security World

You cannot begin using a Secure Access FIPS machine until you create a security world

on it. However, in some case you may need to overwrite that security world with a new

one. For example, if you lose an administrator card, we recommend that you create a

brand new security world to prevent an untrusted source from finding the card and

accessing your security world. You may also need to create a new security world if you

cannot remember your original administrator cards pass phrases.

In order to create a new security world, you must have physical access to:

•

The cryptographic module(s) that belong to the security world.

•

A smart card reader (if you use an older model Secure Access device that does not

contain a built-in card reader).

•

One or more unformatted smart cards or administrator cards containing data that you

can safely overwrite.

NOTE: Your old administrator cards will not work with the new security world

until you reformat them with the new security world’s data. Also note that

once you set the switch to I and begin initialization, you must complete the

process. Otherwise, your security world is only partially initialized, making it

unusable.

WARNING: You must obtain one or more new device certificates from your

CA whenever you create a new security world.

Creating a Security World on a Stand-Alone Secure Access