In Certificate Authorities (CAs) and PKIs, the initial key, the Root Key, is the most important key of the whole system. It is used to sign the keys and generate the certificates of the Sub-CA. It is also used to sign the Certificate Revocation List (CRL). To safeguard it, the Root Key is often locked away in an offline HSM in a physical vault.
Using the Root Key is therefore a very complex maneuver: the responsible signers have to get together, retrieve the offline HSM, take it online, and sign, for example, a CRL. The same can be achieved with the Securosys SKA without any loss in security. By adding multi-authorization rules (attributes) to the Root Key, there is no longer any need to take it offline and store it in a vault. Instead, the authorizers listed on the Root Key enable a sign request by fulfilling the quorum and the other rules attached to the key.
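A simplified model of the quorum rule described above, as an added example that is not Securosys code or the SKA API. The policy layout, key name, approver names, keys and function names are all assumptions, and HMAC stands in for the approvers' public-key signatures so that it runs with the Python standard library alone.

```python
import hashlib
import hmac

# Constructed approver keys. HMAC is a stand-in for the public-key
# signatures a real deployment would use (assumption for this example).
APPROVER_KEYS = {
    "alice": b"constructed-key-a",
    "bob": b"constructed-key-b",
    "carol": b"constructed-key-c",
}
# Hypothetical rule attached to the root key: 2 of the 3 listed approvers.
ROOT_KEY_POLICY = {"approvers": {"alice", "bob", "carol"}, "quorum": 2}


def request_digest(key_name, payload):
    """Bind an approval to one key and one exact payload (e.g. a CRL)."""
    return hashlib.sha256(key_name.encode() + b"\x00" + payload).digest()


def approve(approver, key_name, payload):
    """Return (approver, tag): the approver's tag over the request digest."""
    digest = request_digest(key_name, payload)
    tag = hmac.new(APPROVER_KEYS[approver], digest, hashlib.sha256).digest()
    return approver, tag


def quorum_met(policy, key_name, payload, approvals):
    """True only if enough distinct listed approvers approved this payload."""
    digest = request_digest(key_name, payload)
    valid = set()
    for approver, tag in approvals:
        if approver not in policy["approvers"]:
            continue  # not listed on the key: ignored
        expected = hmac.new(APPROVER_KEYS[approver], digest, hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            valid.add(approver)  # a set, so a repeated approval counts once
    return len(valid) >= policy["quorum"]


if __name__ == "__main__":
    crl = b"constructed CRL bytes"
    approvals = [approve("alice", "root-key", crl), approve("bob", "root-key", crl)]
    print("sign request enabled:", quorum_met(ROOT_KEY_POLICY, "root-key", crl, approvals))
```

Because each approval covers the digest of the key name and the payload, approvals collected for one CRL cannot be reused to release a signature over different data.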