Seagate ST9300453SS, ST9300653SS, ST9300553SS, ST9146753SS About Fips, Purpose, Level 2 security

Page 44

8.0About FIPS

The Federal Information Processing Standard (FIPS) Publication 140-2, FIPS PUB 140-2, is a U.S. govern- ment computer security standard used to accredit cryptographic modules. It is titled “Security Requirements for Cryptographic Modules”. The initial publication was on May 25, 2001 and was last updated December 3, 2002.

Purpose

The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordi- nate the requirements and standards for cryptography modules that include both hardware and software com- ponents.

Federal Information Processing Standard (FIPS) 140-2 Level 2 Certification requires drives to go through gov- ernment agencies certifications to add requirements for physical tamper-evidence and role-based authentica- tion.

Level 2 security

Level 2 improves upon the physical security mechanisms of a Level 1 (lowest level of security) cryptographic module by requiring features that show evidence of tampering, including tamper-evident coatings or seals that must be broken to attain physical access to the plaintext cryptographic keys and critical security parameters (CSPs) within the module, or pick-resistant locks on covers or doors to protect against unauthorized physical access.

Figure 10. Example of FIPS tamper evidence labels.

Note. Does not represent actual drive.

36	Savvio 15K.3 SAS Product Manual, Rev. A

Image 44

Contents ST9300653SSST9300553SS ST9146853SSST9146753SS ST9300453SS ST9146653SSStandard Models Self-Encrypting Drive Models SED FIPS140-2 ModelsPage Contents Defect and error management InstallationAbout Fips About self-encrypting drives Interface requirementsPage Savvio 15K.3 SAS Product Manual, Rev. a List of Figures Page Seagate Technology support services Seagate Online Support and ServicesScope Applicable standards and reference documentation StandardsElectromagnetic compatibility Electromagnetic susceptibilityElectromagnetic compliance Electromagnetic compliance for the European UnionAustralian C-Tick Korean KCCEuropean Union Restriction of Hazardous Substances RoHS Scsi Commands Reference Manual SAS Interface Manual Reference documentsGeneral description Standard features Media descriptionFormatted capacities PerformanceReliability Factory installed options Programmable drive capacityPerformance characteristics Internal drive characteristicsSeek performance characteristics Access timeStart/stop time Format command execution timeGeneral performance characteristics Prefetch/multi-segmented cache control Cache operationCaching write data Prefetch operationReliability specifications Error ratesRecoverable Errors Unrecoverable ErrorsReliability and service Seek errorsInterface errors Preventive maintenanceMaximum processing delay 4 S.M.A.R.TControlling S.M.A.R.T Performance impactThermal monitor Temperature Log Page 0Dh Parameter Code DescriptionPredictive failures State of the drive prior to testing Drive Self Test DSTDST failure definition ImplementationShort and extended tests Short test Function Code 001bExtended test Function Code 010b Log page entriesProduct warranty ShippingProduct repair and return information StoragePowerChoice modes Physical/electrical specificationsPowerChoiceTM power management AC power requirements DC power requirements300GB models DC power requirements Regulation146GB models DC power requirements Conducted noise immunity General DC power requirement notesPower sequencing Current profiles Current profile for 300GB modelsCurrent profile for 146GB models 300GB models in 3Gb operation Power dissipation300GB models in 6Gb operation 146GB models in 6Gb operation 146GB models in 3Gb operationRelative humidity Temperature a. OperatingEnvironmental limits Shock Effective altitude sea level a. OperatingShock and vibration Vibration a. Operating-normal Recommended mountingAcoustics Air cleanlinessCorrosive environment Mechanical specifications DimensionsLevel 2 security About FipsPurpose Controlled access Admin SPAbout self-encrypting drives Data encryptionDefault password Random number generator RNGDrive locking Data bandsAuthenticated firmware download Power requirementsSupported commands Cryptographic eraseDrive error recovery procedures Defect and error managementDrive internal defects/errors SAS system errors Background Media ScanIdle Read After Write Media Pre-ScanDeferred Auto-Reallocation Setting and determining the current Type Level Protection Information PILevels of PI Identifying a Protection Information driveInstallation Drive orientationCooling Air flowDrive mounting GroundingSAS features Interface requirementsDual port support Scsi commands supportedSupported commands Supported commands Supported commands Supported commands Savvio inquiry data Mode Sense dataInquiry data Page Mode Data Header Mode Data Header Miscellaneous status Miscellaneous operating features and conditionsMiscellaneous features SAS physical interface Datum B Section C C Section a a Physical characteristics Connector requirementsElectrical description Pin descriptionsSignal characteristics PowerSAS transmitters and receivers Ready LED OutSAS-2 Specification compliance LED drive signalDifferential signals General interface characteristicsIndex NumericsPage Msid Mtbf See also cooling Page Savvio 15K.3 SAS Product Manual, Rev. a