Spectra T50e - Page 311

To Next Page

To Previous Page

Chapter 10—Encryption and Key Management BlueScale Key Management

August 2017 User Guide—Spectra T50e Library

308

Key Protection Features of BlueScale Professional

IfyouareusingBlueScaleEncryptionStandardEdition,continuewith

ExportanEncryptionKeyonpage309.

Three Passwords to Access Export and import Key Functions Ifyou

enabledMul t i‐Usermodewhenyouconfiguredtheencryptionfeature,you

mustentertwoofthethreeencryptionpasswordsinordertoexportkeys

fromthelibrary.SeeConfiguretheUserMode(BlueScaleProfessional

Only)onpage285)andConfiguretheSecureInitializationMode

(BlueScaleOnly)onpage286forinformationaboutenablingMulti‐User

modeandconfiguringthelibrary tosupportmultipleencryptionpasswords.

Export as M-of-N Shares WiththeStandardEdition,anexportedkeyis

encryptedandsavedasapassword‐protectedfilethatiseithercopiedtoa

USBdeviceorsentasanemailattachmenttoapreconfiguredrecipient.

TheProfessionalEditionoffersanadditionsafeguardwhenexportingand

importingencryptionkeys.Ifdesired,youcanchoosetosplitanencryption

keyintomultiplefiles(M‐of‐Nshares)whenyouexportit.Duringthe

exportprocess,youselecttheatotalnumberofshares(N)tosplitthekey

intoandthesubsetofthoseshares(M)requiredtoimporttheencrypted

keyfileintothelibrary.Dependingonyoursite requirement,youcanselect

oneofthefollowingoptionsforyourM‐of‐Nshares:

 2‐of‐3

 2‐of‐4

 3‐of‐4

 2‐of‐5

 3‐of‐5

 4‐of‐5

EachofthesharesisthencopiedtoaseparateUSBdeviceorsenttoa

separatemailrecipient.SeeStep4onpage310foradditionalinformation

aboutusingtheM‐of‐Nsharesoptionwhenexportingakey.

Requirements for Exporting Keys as M-of-N Shares IfyouhaveBlueScale

ProfessionalEditionandyouwanttoexporttheencryptionkeyasM‐of‐N

shares,youmustmeetthefollowingrequirements.

 IfyouselecttoexportthekeytoUSB,youneedaseparateUSBdevice

foreachshare.ThesharesarecopiedtotheUSBdevicesoneafterthe

other.

 Ifyouchoosetoemailthekey,youmustselectdifferent,previously

configuredmailuserstoreceivetheshares.Eachrecipientreceivesone

shareasanemailattachment.

 Althoughyoucanemailshareswhenexportingthekey,theonlywayto

importsharesofakeyistouseUSBdevices.

Forexample,ifyouchoosethe2‐of‐3option,thentheencryptedkey,which

isfurtherprotectedbyakey‐specificpassword,issplitintothreeshares.

EachshareisthencopiedtoaseparateUSBdevicesorsentasanemail

attachment.

Main Page

Spectra T50e - Page 311

Table of Contents

Other manuals for Spectra T50e

Related product manuals