Seagate ST9500432SS, ST9500430SS, ST9500431SS manual About Fips, Purpose, Level 2 security

Page 43

8.0About FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2, FIPS PUB 140-2, is a U.S. govern- ment computer security standard used to accredit cryptographic modules. It is titled “Security Requirements for Cryptographic Modules”. The initial publication was on May 25, 2001 and was last updated December 3, 2002.

Purpose

The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordi- nate the requirements and standards for cryptography modules that include both hardware and software com- ponents.

Federal Information Processing Standard (FIPS) 140-2 Level 2 Certification requires drives to go through gov- ernment agencies certifications to add requirements for physical tamper-evidence and role-based authentica- tion.

Level 2 security

Level 2 improves upon the physical security mechanisms of a Level 1 (lowest level of security) cryptographic module by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.

Figure 7. Example of FIPS tamper evidence labels. Does not represent actual drive.

Constellation SAS Product Manual, Rev. E

35

Image 43

Contents SED Fips 140-2 Model ST9500430SSST9500431SSST9500432SS Standard Model Self-Encrypting Drive ModelRevision history Contents Interface requirements Defect and error managementInstallation About Fips About self-encrypting drivesPower Constellation SAS Product Manual, Rev. E GB model current profiles List of FiguresConstellation SAS Product Manual, Rev. E Seagate Online Support and Services Seagate Technology support servicesScope Electromagnetic susceptibility Applicable standards and reference documentationStandards Electromagnetic compatibilityKorean KCC Electromagnetic complianceElectromagnetic compliance for the European Union Australian C-TickEuropean Union Restriction of Hazardous Substances RoHS Reference documentsGeneral description Media description Standard featuresProgrammable drive capacity PerformanceReliability Formatted capacitiesFactory-installed options Access time Performance characteristicsInternal drive characteristics Seek performance characteristicsStart/stop time General performance characteristicsCache operation Prefetch/multi-segmented cache controlPrefetch operation Caching write dataUnrecoverable Errors Reliability specificationsError rates Recoverable ErrorsPreventive maintenance Reliability and serviceSeek errors Interface errorsReporting control 4 S.M.A.R.TControlling S.M.A.R.T Performance impactPredictive failures Temperature Log Page 0Dh Parameter Code DescriptionThermal monitor Implementation State of the drive prior to testingDrive Self Test DST DST failure definitionLog page entries Short and extended testsShort test Function Code 001b Extended test Function Code 010bShipping Product warrantyProduct repair and return information PowerChoiceTM power management Physical/electrical specificationsPowerChoice modes DC power requirements AC power requirementsPage Power sequencing General DC power requirement notesConducted noise immunity GB model current profiles Current profilesST9500430SS, ST9500431SS and ST9500432SS in 3 Gbit operation Power dissipationST9500430SS, ST9500431SS and ST9500432SS in 6 Gbit operation Environmental limits Temperature a. OperatingShock Relative humidityEffective altitude sea level a. Operating Shock and vibrationPage Recommended mounting Vibration a. Operating-normal Air cleanlinessCorrosive environment Acoustics Mounting configuration dimensions Mechanical specificationsPurpose About FipsLevel 2 security Data encryption Controlled accessAdmin SP About self-encrypting drivesData bands Default passwordRandom number generator RNG Drive lockingCryptographic erase Authenticated firmware downloadPower requirements Supported commandsDrive internal defects/errors Defect and error managementDrive error recovery procedures SAS system errors Media Pre-Scan Background Media ScanDeferred Auto-Reallocation Idle Read After Write Drive orientation InstallationAir flow CoolingGrounding Drive mountingInterface requirements SAS featuresDual port support Supported commands Scsi commands supportedSupported commands Supported commands Supported commands Inquiry data Mode Sense dataConstellation inquiry data Page Mode Data Header Miscellaneous features Miscellaneous operating features and conditionsMiscellaneous status SAS physical interface Datum B Section C C Section a a Pin descriptions Physical characteristicsConnector requirements Electrical descriptionReady LED Out Signal characteristicsPower SAS transmitters and receiversGeneral interface characteristics SAS-2 Specification ComplianceLED drive signal Differential signalsConstellation SAS Product Manual, Rev. E Numerics IndexKCC Msid Mtbf See also cooling Page Constellation SAS Product Manual, Rev. E Page Seagate Technology LLC