-
HP FIPS 140-2 - page 1
© 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. HP StorageWorks Secure Key Manager (Hardware P/N AJ087B, Version 1.1; Firmware Version:1.1) FIPS 140-2 Security Policy Level 2 Validation Document Version 0.7 December 4, 2008 ...
-
HP FIPS 140-2 - page 2
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 2 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table of Contents 1 INTRODUCTION ................................................................................................................... ...... ...
-
HP FIPS 140-2 - page 3
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 3 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table of Figures F IGURE 1 – D EPLOYMENT A RCHITEC TURE OF TH E HP S TORAGE W ORKS S ECURE K EY M ANAGER ................................ 6 F IGURE 2 – ...
-
HP FIPS 140-2 - page 4
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 4 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table of Tables T ABLE 1 – S ECURITY L EVEL PER FIPS 140-2 S ECTION ..................................................................................... ...
-
HP FIPS 140-2 - page 5
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 5 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. 1 Introduction 1.1 Purpose This document is a no n-proprietary Cryptographic Mo dule Security Policy for the HP StorageWorks Secur e Key Manager (SK M) fro ...
-
HP FIPS 140-2 - page 6
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 6 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. 2 HP S torageW orks Secure Key Manager 2.1 Overview HP provides a ra nge of security produ cts for banking, th e Internet, and enterprise s ecurity applica ...
-
HP FIPS 140-2 - page 7
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 7 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Section Section Title Level 10 Design Assurance 2 11 Mitigation of Other Attacks N/A The block dia gram of the m odule is gi ven in Figure 2 – Block Diag ...
-
HP FIPS 140-2 - page 8
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 8 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. • Digital Sig nature Al gorithm ( DSA) PQG generatio n, ke y ge neration, s ignature ge neration, and sign ature verification: 10 24 bit s (cert i fi c a ...
-
HP FIPS 140-2 - page 9
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 9 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 3 – Front Panel LEDs Descriptions of the LEDs are given in Table 3 – Front Panel LED Definitions. Table 3 – Front Panel LED Definition s Item ...
-
HP FIPS 140-2 - page 10
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 10 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 4 – Rear Panel Components Descriptions of compone nts on the rear pane l are given i n Table 4 – Rear Panel C omponents Description s. Table 4 ...
-
HP FIPS 140-2 - page 11
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 11 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Descriptions of LEDs on the r ear panel a re gi ven in Table 5 – Rear Panel LED Defi nitions. Table 5 – Rear Panel LED Definitions Item Description St ...
-
HP FIPS 140-2 - page 12
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 12 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Service Description Keys/CSPs Perform first-time initialization Configure the module when it is used for the first time Crypto Officer (admin) password ? ...
-
HP FIPS 140-2 - page 13
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 13 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table 7 – User Services Service Description Keys/CSPs Authenticate to SKM Authenticate to SKM with a username an d the associated password User password ...
-
HP FIPS 140-2 - page 14
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 14 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Service Description Keys/CSPs Zeroize all keys/CSPs Zeroize all keys/CSPs in the module All keys/CSPs – delete 2.4.4 Cluster Member Role The Cluster Mem ...
-
HP FIPS 140-2 - page 15
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 15 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. in 60 seconds. Since 10 -5 » 6×60 -8 , the probability of a successf ul password attem pt in 60 seconds is considerably less than 10 -5 . 2.4.6 Unauthen ...
-
HP FIPS 140-2 - page 16
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 16 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use DH public param 1024-bit Diffie- Hellman public parameters Generated by ANSI X9.31 DRNG dur ...
-
HP FIPS 140-2 - page 17
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 17 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use KRsaPub Server RSA public key (1024- or 2048- bit) Generated by ANSI X9.31 DRNG during firs ...
-
HP FIPS 140-2 - page 18
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 18 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use Client AES key 128, 192 or 256-bit AES key Generated by ANSI X9.31 DRNG Via TLS in encrypte ...
-
HP FIPS 140-2 - page 19
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 19 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use Log signing keys 1024-bit RSA public and private keys Generated by ANSI X9.31 DRNG at first ...
-
HP FIPS 140-2 - page 20
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 20 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. • Pairwise consi stency test f or new DSA keys • Pairwise consistency test for new RSA keys • Continuous random num ber generator test o n AN SI X 9 ...
-
HP FIPS 140-2 - page 21
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 21 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. 3 Secure Operation The HP Storage Works Secure Key Manager m eets Level 2 re quirements for FIPS 140-2. T he sections belo w describe how to place and kee ...
-
HP FIPS 140-2 - page 22
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 22 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 6 – FIPS Compliance in CLI In the web administration interface, the Crypto Officer s hould use the “High Secu rity Configuration” page to ena ...
-
HP FIPS 140-2 - page 23
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 23 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 8 – Tamper-Evidence Lab els Figure 9 pr ovides a bette r view of t he posit ioning of t he tam per-evidence l abels ove r the powe r supplie s. F ...
-
HP FIPS 140-2 - page 24
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 24 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. 3.4 Key and CSP Zeroization To zeroize all keys and CSPs in the m o dule, the Crypto Officer sh ould execute reset factory settings zeroize command in the ...
-
HP FIPS 140-2 - page 25
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 25 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Acronyms Table 15 – Acronyms Acr on ym Definition 3DES Triple Data Encryption Standard AES Advanced Encryption Standard ANSI American National Standard ...
-
HP FIPS 140-2 - page 26
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 26 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Acr on ym Definition NIC Network Interface Card NIST National Institute of Standards and Technolo g y NTP Network Time Protocol PCI Peripheral Component I ...
Do you have a question concerning HP FIPS 140-2?
Use the form below
If you did not solve your problem by using a manual HP FIPS 140-2, ask a question using the form below. If a user had a similar problem with HP FIPS 140-2 it is likely that he will want to share the way to solve it.