Hardware Security Features

This section summarizes the system security requirements and recommendations for Net PC systems. For information about security for limiting user access in preboot modes, see the “BIOS and Remote New System Setup” section earlier in this document.

69. Smart card support meets interoperability specifications, if present

Required

Smart card readers and cards must be compatible with Interoperability Specification for ICCs and Personal Computer Systems, published by CP8 Transac, Hewlett-Packard, Microsoft, Schlumberger, and Siemens Nixdorf on http://www.smartcardsys.com.

In addition, smart card readers and device drivers must be Plug and Play compliant and adhere to the Win32 smart card specifications published in the Windows NT DDK. Smart card applications and service provider DLLs must adhere to the Win32 smart card specifications as published in the Win32 SDK.

70. Physical system security

Required

The following security features are required for Net PC hardware to prevent unauthorized access to hardware:

• External drive devices have security capabilities. Each removable media device on a Net PC system must be capable of being secured to prevent unauthorized access to data. This means that the device is rendered useless, either electronically or mechanically.
• PC case and switches have locking capabilities to prevent unauthorized internal access—an OEM-specific method can be implemented, either electronically or mechanically. Usability controls such as volume, brightness, and contrast that are usually configured by the end user are exempt from this requirement.
• Remote software management is supported for physical components. For information about requirements for remote management capabilities, see the “Platform Management Information Requirements” section earlier in this document and the related attachments.