Panasonic CF74CCBAXBM TPM Installation Manual

Installation Manual
Trusted Platform Module (TPM)
We recommend that this Installation Manual be printed.

TPM’s Outline

Conventional security measures such as file encryption and public key encryption save the encryption keys on the computer’s hard disk drive. The keys and passwords, as well as the encrypted data, are therefore exposed to the risk of unauthorized copying and hacking. The TPM method saves the encryption keys in the TPM chip, which is separate from the hard disk drive and CPU. To access the encryption keys, you need to input the password registered in the Security Platform (→ page 8). You can apply a different security setting to each user account in the Security Platform.
[Figure: Conventional encryption vs. TPM encryption. Conventional encryption: the encryption key is saved as a file in the hard disk drive, and the key remains unencrypted. TPM encryption: the encryption key is saved in the TPM chip, and password input is necessary to access the key.]

Precautions

Security Functions

• The TPM method does not guarantee data protection under all conditions.
• The TPM method uses multiple encryption keys, certificates and passwords. You cannot decrypt the encrypted data if you lose them. Keep the keys, certificates and passwords safe. (See “Backup” below.)
• We shall not be liable for any loss or damage whatsoever resulting from your TPM use or your neglect of TPM use, or any data loss resulting from such developments as TPM malfunctioning.
• The Personal Secure Drive function is not supported in an environment where the Fast User Switching function is enabled. Disable the Fast User Switching function when you use the Personal Secure Drive function.

Backup

The files described below are necessary for recovering the Security Platform function. Back them up periodically in a safe location such as a removable disk to avoid data loss resulting from TPM malfunctioning or other accidents. We recommend storing the files on a removable disk or network drive, because the benefit of TPM security can be reduced if you keep the files on the internal hard disk drive.
NOTE
• In the default setting, the “System Backup Archive”, “Emergency Recovery Token”, “Password Reset Token”, and “Personal Secret File for Password Reset” are stored in “C:\Documents and Settings\(user account)\My Documents\”. If a removable disk is connected, the files excluding the System Backup Archive are automatically stored in the removable disk by priority.
• Files used by the Computer Administrator
System Backup Archive (Default name: SPSystemBackup.xml)
You need this file when you replace the embedded TPM chip or the hard disk drive, or reinstall Windows. The file contains the backup of the emergency recovery data, and the keys, certificates and settings of all users. If you configure routine backup, the backup of each user setting will be automatically saved at the scheduled interval. To ensure the latest backup, back up manually every time you create or change the user setting. For further information, refer to “How to Backup and Restore”-“How to Configure automatic Backups (“System Backup”)” in the Infineon Security Platform Help menu. (Click [start]-[All Programs]-[Infineon Security Platform Solution]-[Help on Security Platform]-[Welcome to the Infineon Security Platform Solution]-[Advanced Security Platform Operation]-[Backup and Restore Security Platform Data])
Emergency Recovery Token (Default name: SPEmRecToken.xml)
You need this file when you replace the embedded TPM chip. Use the file for recovery using the emergency recovery data. (The emergency recovery data is contained in the System Backup Archive and protected by this file.)
Password Reset Token (Default name: SPPwdResetToken.xml)
You need this file to create the Reset Authorization Code that is required to reset a specific user’s password. You cannot reset the password without this token.
• File used by each User
Personal Secret File for Password Reset (Default name: SPPwdResetSecret.xml)
You use this file in combination with the Password Reset Token to reset the Basic User Password.

Cautions for Encryption

• Do not encrypt the files described in “Backup” (→ page 3). If you encrypt them, you will not be able to restore the Security Platform settings. In the default setting, these files are stored in “C:\Documents and Settings”. Do not encrypt “C:\Documents and Settings”.
• Do not encrypt the files in “C:\Program Files” because they contain a lot of application software. If you encrypt them, other users cannot access the software, and the software may not start up or other malfunction may occur. Note that encrypting other files such as “C:\” may also cause similar problems.
• Do not encrypt the “Security Platform” folder as well as any file/folder contained in it. This folder is created under the drive (default setting: “C:\”) which you specified while setting up the Personal Secure Drive. Because the Security Platform refers to this folder, encrypting it may disable the Personal Secure Drive.
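
The following PowerShell script is an added example, not part of the original manual or the Infineon software. It audits the four recovery files listed under “Backup” against the rules above: each file must exist, must not carry the encrypted attribute, and should have at least one copy off the internal disk. The search locations (including the drive letter E:) are assumptions, and the script treats the Windows system drive as the internal hard disk.

```powershell
# Added example: audit copies of the recovery files named in this manual.
# $SearchRoots is an assumption; list every folder or drive where you keep backups.
param(
    [string[]]$SearchRoots = @("$env:USERPROFILE\My Documents", 'E:\'),
    [string]$SystemDrive   = $env:SystemDrive
)

$RecoveryFiles = 'SPSystemBackup.xml', 'SPEmRecToken.xml',
                 'SPPwdResetToken.xml', 'SPPwdResetSecret.xml'

function Get-RecoveryFileFinding {
    param([string]$Name, [string[]]$Roots, [string]$SystemDrive)

    # .NET path calls are used so that a missing drive letter is not an error.
    $copies = @(foreach ($root in $Roots) {
        $path = [IO.Path]::Combine($root, $Name)
        if ([IO.File]::Exists($path)) { New-Object IO.FileInfo $path }
    })
    if ($copies.Count -eq 0) {
        return [pscustomobject]@{ File = $Name; Path = ''; Modified = $null
                                  Finding = 'MISSING: no copy found' }
    }
    $offSystem = $false
    foreach ($fi in $copies) {
        $notes = @()
        # File encryption sets the Encrypted attribute; these files must stay unencrypted.
        $enc = [int]$fi.Attributes -band [int][IO.FileAttributes]::Encrypted
        if ($enc -ne 0) { $notes += 'ENCRYPTED: cannot be used to restore' }
        # A UNC root (\\server\share) never equals the system drive, so it counts as off-disk.
        $drive = [IO.Path]::GetPathRoot($fi.FullName).TrimEnd('\')
        if ($drive -eq $SystemDrive.TrimEnd('\')) { $notes += 'on system drive' }
        else { $offSystem = $true }
        if ($notes.Count -eq 0) { $notes = @('OK') }
        [pscustomobject]@{ File = $Name; Path = $fi.FullName
                           Modified = $fi.LastWriteTime; Finding = $notes -join '; ' }
    }
    if (-not $offSystem) {
        [pscustomobject]@{ File = $Name; Path = ''; Modified = $null
                           Finding = 'WARNING: no copy outside the system drive' }
    }
}

$RecoveryFiles | ForEach-Object {
    Get-RecoveryFileFinding -Name $_ -Roots $SearchRoots -SystemDrive $SystemDrive
} | Format-Table File, Finding, Modified, Path -AutoSize
```

The Modified column shows when each copy was last written, which helps confirm that the System Backup Archive was refreshed after the most recent change to user settings.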