Seagate Savvio 15K Manual download pdf (Page 43)

Savvio 15K.2 SAS Product Manual, Rev. F 35

8.0 About FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government Computer

Security Standard used to accredit cryptographic modules. It is titled 'Security Requirements for Cryptographic

Modules (FIPS PUB 140-2)' and is issued by the National Institute of Standards and Technology (NIST).

Purpose

This standard specifies the security requirements that will be satisfied by a cryptographic module utilized within

a security system protecting sensitive but unclassified information. The standard provides four increasing,

qualitative levels of security: Level 1, Level 2, Level 3 and Level 4. These levels are intended to cover the wide

range of potential applications and environments in which cryptographic modules may be employed.

Validation Program

Products that claim conformance to this standard are validated by the Cryptographic Module Validation Pro-

gram (CMVP) which is a joint effort between National Institute of Standards and Technology (NIST) and the

Communications Security Establishment (CSE) of the Government of Canada. Products validated as conform-

ing to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive infor-

mation (United States) or Designated Information (Canada).

In the CMVP, vendors of cryptographic modules use independent, accredited testing laborites to have their

modules tested. National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratories per-

form cryptographic module compliance/conformance testing.

Seagate Enterprise SED

The SED drives referenced in this Product Manual have been validated by CMVP and have been thoroughly

tested to satisfy FIPS 140-2 Level 2 requirements. In order to operate in FIPS Approved Mode of Operation,

these SEDs require security initialization. For more information, refer to 'Security Rules' section in the 'Security

Policy' document uploaded on the NIST website - Cert# 1299: Seagate Secure® Enterprise Self-Encrypting

Drives FIPS 140 Module: http://csrc.nist.

gov/groups/STM/cmvp/documents/140-1/140val-all.htm

Security Level 2

Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module

by adding the requirement for tamper-evidence, which includes the use of tamper-evident coatings or

seals on removable covers of the module. Tamper-evident coatings or seals are placed on a cryptographic

module so that the coating or seal must be broken to attain physical access to the critical security

parameters (CSP) within the module. Tamper-evident seals are placed on covers to protect against

unauthorized physical access. In addition Security Level 2 requires, at a minimum, role-based authentica

tion in which a cryptographic module authenticates the authorization of an operator to assume a specific

role and perform a corresponding set of services.

1 2 ... 38 39 40 41 42 43 44 45 46 47 48 ... 77 78

No comments

Seagate Savvio 15K Manual Page 43