Security functions
Access rights of SmartCards
SmartCard
SmartCard
SmartCard
A new SmartCard initially only has a preset PIN and PUK. Access rights and the customised
PIN and PUK are not assigned until the SmartCard is initialised. The SmartCard type
depends on the access rights assigned to the card, as described below:
•
User SmartCard: starting the system, changing the PIN
•
SuperUser SmartCard: starting the system, changes in BIOS Setup, changing the PIN
•
Service SmartCard: changes in BIOS-Setup, operating system boot-up not possible
•
Admin SmartCard: starting the system, changes in BIOS Setup, changing the PIN,
uninstalling SystemLock, initialising SmartCards, blocking SmartCards
The following table shows an overview of the rights granted with each type of
SmartCard when a PIN or PUK is entered:
Start-up system
Run BIOS Setup
Change own PIN
Unblocking own
blocked SmartCard
Unblocking all blocked
SmartCards
Generating user cards
Uninstall SystemLock
* BIOS Setup setting (Unblock own SmartCard)
Usually there is always one Admin SmartCard and at least one User or SuperUser
SmartCard that will allow a system to be operated.
68
User
SmartCard
PIN
PUK
PIN
x
x
x
x
x
x*
SuperUser
SmartCard
SmartCard
PUK
PIN
x
x
x*
Service
Admin
SmartCard
PUK
PIN
x
x
x
x*
PUK
x
x
x
x
x
Fujitsu