Seagate ST2000NM0021, ST500NM0041: About FIPS, Purpose, Validation Program, Seagate Enterprise SED


8.0 About FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government Computer Security Standard used to accredit cryptographic modules. It is titled 'Security Requirements for Cryptographic Modules (FIPS PUB 140-2)' and is issued by the National Institute of Standards and Technology (NIST).

Purpose

This standard specifies the security requirements that will be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information. The standard provides four increasing, qualitative levels of security: Level 1, Level 2, Level 3 and Level 4. These levels are intended to cover the wide range of potential applications and environments in which cryptographic modules may be employed.

Validation Program

Products that claim conformance to this standard are validated by the Cryptographic Module Validation Program (CMVP), which is a joint effort between the National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) of the Government of Canada. Products validated as conforming to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive information (United States) or Designated Information (Canada).

In the CMVP, vendors of cryptographic modules use independent, accredited testing laboratories to have their modules tested. National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratories perform cryptographic module compliance/conformance testing.

Seagate Enterprise SED

The SEDs referenced in this Product Manual have been validated by CMVP and have been thoroughly tested by an NVLAP accredited lab to satisfy FIPS 140-2 Level 2 requirements. In order to operate in FIPS Approved Mode of Operation, these SEDs require security initialization. For more information, refer to the 'Security Rules' section in the 'Security Policy' document uploaded on the NIST website. To reference the product certification, visit http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm and search for "Seagate".

Security Level 2

Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module by adding the requirement for tamper-evidence, which includes the use of tamper-evident coatings or seals on removable covers of the module. Tamper-evident coatings or seals are placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the critical security parameters (CSP) within the module. Tamper-evident seals (example shown in Figure 13, page 42) are placed on covers to protect against unauthorized physical access. In addition, Security Level 2 requires, at a minimum, role-based authentication in which a cryptographic module authenticates the authorization of an operator to assume a specific role and perform a corresponding set of services.

Constellation ES.1 SAS Product Manual, Rev. E
