The HSM must be set into the Authorised state before certain ‘privileged’ functions can be performed. This can be achieved only by Authorising Officers using their Passwords and Smartcards. The Authorised state is required for all operations that are more sensitive than normal, such as the entry of ZMK components and any other functions that involve unencrypted secret data.
The Authorise Activity State command allows precise selection of the commands to be authorised, including any timeout periods required.
Recommendations for usage of authorised functions are as follows:
1. At least two separate authorised individuals must be required to switch the unit into the Authorised state.
2. Before the HSM is switched into the Authorised state, the identities of both authorised officers should be checked and logged, with audit entries signed by both officers.
3. If a previously authorised individual is no longer authorised, procedures should be put in place to prevent that individual from subsequently acting as an authorised individual.
4. When the functions requiring Authorised state have been completed, the Authorised state should be cancelled.
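
The four recommendations above can be checked mechanically against whatever record is kept of Authorised-state sessions. The following is an added example, not part of the HSM documentation or the vendor's tooling: the record format, officer names, finding labels and the 30-minute window are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed records in a hypothetical format (not the HSM's own audit log).
SAMPLE_LOG = [
    {"time": "2024-03-01T09:00:00", "event": "AUTHORISE",
     "officers": ["alice", "bob"], "signed_by": ["alice", "bob"]},
    {"time": "2024-03-01T09:20:00", "event": "CANCEL"},
    {"time": "2024-03-02T10:00:00", "event": "AUTHORISE",
     "officers": ["alice", "alice"], "signed_by": ["alice"]},
    {"time": "2024-03-02T10:05:00", "event": "CANCEL"},
    {"time": "2024-03-03T11:00:00", "event": "AUTHORISE",
     "officers": ["bob", "carol"], "signed_by": ["bob"]},
    {"time": "2024-03-03T14:00:00", "event": "CANCEL"},
    {"time": "2024-03-04T08:00:00", "event": "AUTHORISE",
     "officers": ["bob", "dave"], "signed_by": ["bob", "dave"]},
]
CURRENT_OFFICERS = {"alice", "bob", "dave"}  # carol is no longer authorised
MAX_WINDOW = timedelta(minutes=30)           # assumed site policy, not a product default


def review(log, current_officers, max_window):
    """Return (time, finding) pairs for entries that break the recommendations."""
    findings, opened = [], None
    for rec in log:
        when = datetime.fromisoformat(rec["time"])
        if rec["event"] == "AUTHORISE":
            who = set(rec["officers"])
            if len(who) < 2:                              # recommendation 1
                findings.append((rec["time"], "NOT_DUAL_CONTROL"))
            if not who <= set(rec.get("signed_by", [])):  # recommendation 2
                findings.append((rec["time"], "ENTRY_NOT_SIGNED_BY_BOTH"))
            if who - current_officers:                    # recommendation 3
                findings.append((rec["time"], "OFFICER_NOT_AUTHORISED"))
            opened = (rec["time"], when)
        elif rec["event"] == "CANCEL" and opened:
            if when - opened[1] > max_window:             # recommendation 4
                findings.append((opened[0], "HELD_TOO_LONG"))
            opened = None
    if opened:                                            # recommendation 4
        findings.append((opened[0], "NEVER_CANCELLED"))
    return findings


if __name__ == "__main__":
    for time, finding in review(SAMPLE_LOG, CURRENT_OFFICERS, MAX_WINDOW):
        print(time, finding)
```

Findings are keyed to the time the Authorised state was entered, so each one points back at the session that needs explaining.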