User guide

CHAPTER 15

Administrator Cards

•

Creating Administrator Cards on page 57

Creating Administrator Cards

When you receive your Secure Access FIPS product, you receive 6 smart cards as part

of the package. A smart card is a removable key device that you must use in order to gain

access to some of the critical data and processes controlled by the cryptographic module.

Secure Access FIPS first requires you to use one of your smart cards while initializing the

cryptographic module through the serial console. During this process, Secure Access

FIPS creates a security world and transforms the smart card into an administrator card

that gives the holder access only to that security world.

Once the module is initialized, you do not need the administrator card for normal Secure

Access operations. However, you are required to use the administrator card whenever

you want to add another Secure Access FIPS machine to a cluster, reinitialize a module

with a new or different security world or replace administrator cards.

As a rule-of-thumb, any Secure Access FIPS operation that you must execute through

the Secure Access serial console requires an administrator card.

NOTE: Whenever you change your security world, you must determine how

to handle your existing administrator cards. Your choices include:

•

Reset your existing administrator cards to the new security world.

•

Use administrator cards that are pre-initialized to the new security world

and leave your existing administrator cards unchanged. Note that if you

choose this option, however, you cannot use the old, unchanged cards to

access the new security world.

Administrator Card Precautions

Since administrator cards are so critical to Secure Access FIPS operations and the security

of the keys within your security world, we strongly recommend that you take the following

precautions: