Configuration of Security Information
The security functionality behaves differently depending on the TPM settings.
When the TPM setting is ON, the TPM key is enabled and information is secured with the three keys. The security information held in each machine is therefore safely protected.
The security information can be accessed using the three keys and multiple passwords stored in the SRAM and HDD. Each piece of data is stored in its specified location (enclosed with blue dots in the figure below). Since the data in the upper layer are linked to those in the lower layer, the security information is activated only when the data in all the layers are linked.
For backup purposes, the backup key is also temporarily stored in the HDD in preparation for a TPM failure (only for the initial failure after the TPM setting is set to ON). This key can be backed up to USB memory. Once backed up, the backup key is deleted from the HDD.
The common key information is stored in the HDD as well as in the SRAM. The common key stored in the SRAM is cleared when the Main Controller PCB 2 (SRAM) is replaced or after an MN-CON clear. However, the common key stored in the HDD automatically restores the one in the SRAM, so the security information remains decodable even after servicing. Note that the security information cannot be decoded correctly if the HDD fails or is formatted, because the public key information stored in the HDD is cleared. If this occurs, execute “Initialize All Data / Settings” in user mode to set the TPM setting to OFF. This will maintain the password information in the SRAM even after the password information is initialized.
When the TPM setting is OFF, the TPM key is disabled. Thus, the security information is protected only by the common key.
The security information held in this machine is protected at a level equivalent to that of conventional machines.
In this setting, the security functionality is configured using the common key and multiple passwords stored in the SRAM and HDD.
The common key information is stored in the HDD as well as in the SRAM. The common key stored in the SRAM is cleared when the Main Controller PCB 2 (SRAM) is replaced or after an MN-CON clear. Since the common key stored in the HDD automatically restores the common key in the SRAM, the security information can be decoded correctly even after servicing. Unlike when the TPM setting is ON, the password information stored in the HDD is initialized when the HDD is replaced or formatted. However, the password information is maintained in the SRAM.