8.0About FIPS
The Federal Information Processing Standard (FIPS) Publication 140-2, FIPS PUB 140-2, is a U.S. govern- ment computer security standard used to accredit cryptographic modules. It is titled “Security Requirements for Cryptographic Modules”. The initial publication was on May 25, 2001 and was last updated December 3, 2002.
Purpose
The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordi- nate the requirements and standards for cryptography modules that include both hardware and software com- ponents.
Federal Information Processing Standard (FIPS) 140-2 Level 2 Certification requires drives to go through gov- ernment agencies certifications to add requirements for physical tamper-evidence and role-based authentica- tion.
Level 2 security
Level 2 improves upon the physical security mechanisms of a Level 1 (lowest level of security) cryptographic module by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.
Figure 7. Example of FIPS tamper evidence labels. Does not represent actual drive.
Constellation SAS Product Manual, Rev. E | 35 |