|
Infineon Security Platform Solution |
User Roles
Security Platform Solution involves several user roles:
- All Security Platform user roles are based on Windows user accounts (local or domain users). These user accounts have been authenticated by Windows logon.
- Each user role has an intended purpose.
- When the Security Platform is configured, members of different user roles are initialized.
- Acting a specific user role requires a specific authentication (e.g. providing a specific password).
- A person can act multiple user roles.
The following table lists all user roles.
| User Role | Based on... | Purpose & Tasks | Initialization | Authentication |
| Security Platform Owner | Windows user account (local or domain), member of the Administrators group |
Perform critical administrative tasks, e.g. restoration of Security Platform. | Security Platform Initialization enables a Windows user to act as a Security Platform Owner. | Owner Password |
| Security Platform Administrator (also called just "Administrator") |
Windows user account (local or domain), member of the Administrators group |
Perform administrative tasks, which require Windows administrative rights. | No special initialization necessary. |
Apart from the authentication as Windows administrator, some administrative tasks require access to special token files protected by dedicated passwords |
| Security Platform User (also called just "User") |
Windows user account (local or domain) | Utilize Security Platform Features, e.g. file and folder encryption or secure
e-mail. Configure features and perform user-specific Security Platform tasks. |
Security Platform User Initialization enables a Windows user to act as a Security Platform User. | Basic User Password |
| EFS/PSD Recovery Agent (also called just "User") |
Usage of a dedicated recovery certificate and private key. | Recover a user's EFS or PSD data in case the original EFS/PSD credentials are lost. | EFS/PSD recovery is enabled by the registration of recovery agents. | Recovery agent's private key. |
©Infineon Technologies AG