Seagate ST91000641SS ユーザーズマニュアル
Constellation.2 SAS Product Manual, Rev. H
39
8.0
About FIPS
The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. Government Computer
Security Standard used to accredit cryptographic modules. It is titled 'Security Requirements for Cryptographic
Modules (FIPS PUB 140-2)' and is issued by the National Institute of Standards and Technology (NIST).
Security Standard used to accredit cryptographic modules. It is titled 'Security Requirements for Cryptographic
Modules (FIPS PUB 140-2)' and is issued by the National Institute of Standards and Technology (NIST).
Purpose
This standard specifies the security requirements that will be satisfied by a cryptographic module utilized within
a security system protecting sensitive but unclassified information. The standard provides four increasing,
qualitative levels of security: Level 1, Level 2, Level 3 and Level 4. These levels are intended to cover the wide
range of potential applications and environments in which cryptographic modules may be employed.
a security system protecting sensitive but unclassified information. The standard provides four increasing,
qualitative levels of security: Level 1, Level 2, Level 3 and Level 4. These levels are intended to cover the wide
range of potential applications and environments in which cryptographic modules may be employed.
Validation Program
Products that claim conformance to this standard are validated by the Cryptographic Module Validation Pro-
gram (CMVP) which is a joint effort between National Institute of Standards and Technology (NIST) and the
Communications Security Establishment (CSE) of the Government of Canada. Products validated as conform-
ing to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive infor-
mation (United States) or Designated Information (Canada).
gram (CMVP) which is a joint effort between National Institute of Standards and Technology (NIST) and the
Communications Security Establishment (CSE) of the Government of Canada. Products validated as conform-
ing to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive infor-
mation (United States) or Designated Information (Canada).
In the CMVP, vendors of cryptographic modules use independent, accredited testing laborites to have their
modules tested. National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratories per-
form cryptographic module compliance/conformance testing.
modules tested. National Voluntary Laboratory Accreditation Program (NVLAP) accredited laboratories per-
form cryptographic module compliance/conformance testing.
Seagate Enterprise SED
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm
, and search for “Seagate”.
Security Level 2
Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module
by adding the requirement for tamper-evidence, which includes the use of tamper-evident coatings or
seals on removable covers of the module. Tamper-evident coatings or seals are placed on a cryptographic
module so that the coating or seal must be broken to attain physical access to the critical security
parameters (CSP) within the module. Tamper-evident seals (example shown in Figure 10 page 40) are
placed on covers to protect against unauthorized physical access. In addition Security Level 2 requires, at
a minimum, role-based authentication in which a cryptographic module authenticates the authorization of
an operator to assume a specific role and perform a corresponding set of services.
by adding the requirement for tamper-evidence, which includes the use of tamper-evident coatings or
seals on removable covers of the module. Tamper-evident coatings or seals are placed on a cryptographic
module so that the coating or seal must be broken to attain physical access to the critical security
parameters (CSP) within the module. Tamper-evident seals (example shown in Figure 10 page 40) are
placed on covers to protect against unauthorized physical access. In addition Security Level 2 requires, at
a minimum, role-based authentication in which a cryptographic module authenticates the authorization of
an operator to assume a specific role and perform a corresponding set of services.