Smartcard as system protection (systemlock) – FUJITSU S SERIES Manuel d'utilisation
Page 73
Security functions
A26391-K144-Z120-1-7619, edition 2
63
SmartCard as system protection (SystemLock)
With SystemLock, the notebook can only be started with an initialised SmartCard (SICRYPT or
CardOS) and personal identification number (PIN). SmartCard and PIN are already checked during
system booting in the BIOS Setup, i.e. before the operating system is booted. To use SystemLock, the
following conditions must be met:
●
You must configure a SmartCard reader (see "Configuring and using SmartCard reader")
section.
●
You must install SystemLock on your notebook.
●
You must initialise two SmartCards (one Supervisor SmartCard and one User SmartCard).
i
All new SmartCards have a preset PIN (Personal Identification Number) and a preset PUK
(Personal Unblocking Key).
On SICRYPT and CardOS SmartCards PIN and PUK are preset to 12345678.
For reasons of security, we recommend that you change both PIN and PUK.
Access rights of the SmartCards
New SmartCards have only a preset PIN and a preset PUK. The initialisation is carried out after
entering the PUK. Access rights and an individual PIN are not assigned until the SmartCard is
initialised. Depending on which access rights the SmartCard is assigned, this is referred to as a
User SmartCard or a Supervisor SmartCard.
The following table shows an overview of the rights associated with each SmartCard type when a
PIN or PUK is entered:
User SmartCard Supervisor SmartCard
Rights
PIN
PUK
PIN
PUK
System start-up
X
X
Calling BIOS Setup X
X
Changing own PIN
X
X
X
Unblocking all blocked SmartCards
X
Creating user SmartCard
X
Deactivating SystemLock
X