The HSM is supplied with two physical keys for the front panel. These have three functions:
· Both locks must be opened in order to remove the HSM from the cabinet
· Both locks must be opened to put the HSM into the secure state
· One lock (either one) must be opened to put the HSM into the offline state
Security precautions for the keys are as follows:
1. The two physical keys must be stored securely.
2. Access to a physical key must be restricted to an authorised officer, and only when necessary.
3. It must not be possible for any one authorised individual to gain access to more than one physical key.
4. Use of the physical key must be subject to audit control.
5. If a previously authorised individual becomes unauthorised, measures must be taken to ensure that the individual no longer has access to the key.
6. Copies of the keys should be kept separately, off-site. These copies must be subject to the same access controls as the original keys.