Optima x561 Reference Guide
Trusted Platform Module Quick Reference
By its very nature, a non-migratable key can be used on one and
only one TPM. In the event of a system or TPM failure, all non-migratable keys
and the data associated with them will be inaccessible and unrecoverable.
The following precautions and procedures may assist in recovering
from any of the previously listed situations. Failure to implement
these security precautions and procedures may result in
unrecoverable data loss.
Password Procedures
The Wave Systems EMBASSY Security Center software allows users to
configure passwords from 8 to 255 characters.
A good password should consist of:
• At least one upper case letter (A to Z)
• At least one numerical character (0 to 9)
• At least one symbol character (!, @, &, etc.)
Example Passwords: “I wear a Brown hat 2 worK @ least once-a-month” or
“uJGFak&%)adf35a9m”
NOTE: Avoid using names or dates that can be easily guessed, such as birthdays,
anniversaries, family member names, or pet names.
All passwords associated with the EMBASSY Security Center (owner, TPM
Key Archive, and other archives) as well as the EMBASSY Trust Suite are
NOT RECOVERABLE and cannot be reset without the original text. The
system owner should document all passwords, store them in a secured location
(a vault, safe deposit box, or off-site storage), and have them available for
future use.
These documents should be updated after any password changes are made.
Emergency Recovery File Back Up Procedures
Use the EMBASSY Security Center to create the TPM Key Archive file
(keyarchive.xml) on removable media (a floppy, CD-R, or flash media).
Once this is completed, the removable media should be stored in a secure
location. DO NOT LEAVE ANY COPIES of the TPM Key Archive on the
hard drive or within any hard drive image backups. If a copy of the TPM Key
Archive remains on the system, it could be used to compromise the Trusted
Platform Module and platform.
This procedure should be repeated after any password changes or the addition of
a new user.