Seagate ST91000641SS, ST9500621SS About Fips, Purpose, Validation Program, Seagate Enterprise SED

Page 47

8.0About FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government Computer Security Standard used to accredit cryptographic modules. It is titled 'Security Requirements for Cryptographic Modules (FIPS PUB 140-2)' and is issued by the National Institute of Standards and Technology (NIST).

Purpose

This standard specifies the security requirements that will be satisfied by a cryptographic module utilized within a security system protecting sensitive but unclassified information. The standard provides four increasing, qualitative levels of security: Level 1, Level 2, Level 3 and Level 4. These levels are intended to cover the wide range of potential applications and environments in which cryptographic modules may be employed.

Validation Program

Products that claim conformance to this standard are validated by the Cryptographic Module Validation Pro- gram (CMVP) which is a joint effort between National Institute of Standards and Technology (NIST) and the Communications Security Establishment (CSE) of the Government of Canada. Products validated as conform- ing to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive infor- mation (United States) or Designated Information (Canada).

In the CMVP, vendors of cryptographic modules use independent, accredited testing laborites to have their modules tested. National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratories per- form cryptographic module compliance/conformance testing.

Seagate Enterprise SED

The SEDs referenced in this Product Manual have been validated by CMVP and have been thoroughly tested by a NVLAP accredited lab to satisfy FIPS 140-2 Level 2 requirements. In order to operate in FIPS Approved Mode of Operation, these SEDs require security initialization. For more information, refer to 'Security Rules' section in the 'Security Policy' document uploaded on the NIST website. To reference the product certification visit - http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm, and search for “Seagate”.

Security Level 2

Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module by adding the requirement for tamper-evidence, which includes the use of tamper-evident coatings or seals on removable covers of the module. Tamper-evident coatings or seals are placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the critical security parameters (CSP) within the module. Tamper-evident seals (example shown in Figure 10 page 40) are placed on covers to protect against unauthorized physical access. In addition Security Level 2 requires, at a minimum, role-based authentication in which a cryptographic module authenticates the authorization of an operator to assume a specific role and perform a corresponding set of services.

Constellation.2 SAS Product Manual, Rev. H

39

Page 46 Page 48
Image 47
Page 46 Page 48
Contents SED Fips 140-2 Models ST91000640SSST91000641SS ST9500620SSST9500621SSST91000642SS ST9500622SS Standard Models Self-Encrypting Drive ModelsRevision history Contents Interface requirements Defect and error managementInstallation About Fips About self-encrypting drivesPage Constellation.2 SAS Product Manual, Rev. H List of Figures Constellation.2 SAS Product Manual, Rev. H Seagate Online Support and Services Seagate Technology support servicesScope Electromagnetic susceptibility Applicable standards and reference documentationStandards Electromagnetic compatibilityKorean KCC Electromagnetic complianceElectromagnetic compliance for the European Union Australian C-TickChina Restriction of Hazardous Substances RoHS Directive European Union Restriction of Hazardous Substances RoHSSelf-Encrypting Drives Reference Manual Reference documentsGeneral description Media description Standard featuresProgrammable drive capacity PerformanceReliability Formatted capacitiesFactory-installed options Access time Performance characteristicsInternal drive characteristics Seek performance characteristicsStart/stop time General performance characteristicsCache operation Prefetch/multi-segmented cache controlPrefetch operation Caching write dataUnrecoverable Errors Reliability specificationsError rates Recoverable ErrorsPreventive maintenance Reliability and serviceSeek errors Interface errorsReporting control 4 S.M.A.R.TControlling S.M.A.R.T Performance impactThermal monitor Temperature Log Page 0Dh Parameter Code DescriptionPredictive failures Implementation State of the drive prior to testingDrive Self Test DST DST failure definitionLog page entries Short and extended testsShort test Function Code 001b Extended test Function Code 010bProduct repair and return information Product warrantyShipping StoragePowerChoice modes Physical/electrical specificationsPowerChoiceTM power management DC power requirements AC power requirements1000GB drive Standard & SED model DC power requirements 500GB drive Standard & SED model DC power requirements Conducted noise immunity General DC power requirement notesPower sequencing TB model current profiles Current profilesGB model current profiles 1TB model drive in 3Gb operation Power dissipation1TB model drive in 6Gb operation 500GB model drive in 3Gb operation 500GB model drive in 6Gb operation Relative humidity Temperature a. OperatingEnvironmental limits Shock Effective altitude sea level a. OperatingShock and vibration Recommended mounting Corrosive environment Air cleanlinessVibration a. Operating-normal AcousticsSee Section Constellation.2 SAS Product Manual, Rev. H Mounting configuration dimensions Mechanical specificationsSeagate Enterprise SED About FipsPurpose Validation ProgramExample of Fips tamper evidence labels Data encryption Controlled accessAdmin SP About self-encrypting drivesData bands Authenticated firmware downloadRandom number generator RNG Drive lockingSupported commands Power requirementsDrive error recovery procedures Defect and error managementDrive internal defects/errors SAS system errors Deferred Auto-Reallocation Background Media ScanMedia Pre-Scan Levels of PI Setting and determining the current Type LevelIdle Read After Write Protection Information PIIdentifying a Protection Information drive Drive orientation InstallationAir flow CoolingGrounding Drive mountingInterface requirements SAS featuresDual port support Supported commands Scsi commands supportedSupported commands Supported commands Supported commands Constellation.2 inquiry data Mode Sense dataInquiry data Page Block Descriptor 00 00 00 00 3a 38 60 30 00 00 00 00 00 00 02 Miscellaneous status Miscellaneous operating features and conditionsMiscellaneous features SAS physical interface Datum B Section C C Section a a Pin descriptions Physical characteristicsConnector requirements Electrical descriptionReady LED Out Signal characteristicsPower SAS transmitters and receiversGeneral interface characteristics SAS-2 Specification ComplianceLED drive signal Differential signalsNumerics IndexKCC Msid Mtbf See also cooling Page Constellation.2 SAS Product Manual, Rev. H Page Americas Seagate Technology LLC
Top Page Image Contents