Page 2 - Table of Contents
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 2 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Table of Contents 1 INTRODUCTION ................................................................................
Page 3 - Table of Figures
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 3 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Table of Figures F IGURE 1 – D EPLOYMENT A RCHITECTURE OF THE HP S TORAGE W ORKS S ECURE K EY M ANAGER ..........
Page 4 - Table of Tables
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 4 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Table of Tables T ABLE 1 – S ECURITY L EVEL PER FIPS 140-2 S ECTION .............................................
Page 5 - Introduction
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 5 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. 1 Introduction 1.1 Purpose This document is a non-proprietary Cryptographic Module Security Policy for the HP ...
Page 6 - HP StorageWorks Secure Key Manager; Cryptographic Module Specification; Table 1 – Security Level per FIPS 140-2 Section
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 6 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. 2 HP StorageWorks Secure Key Manager 2.1 Overview HP provides a range of security products for banking, the In...
Page 7 - Figure 2 – Block Diagram of SKM
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 7 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Section Section Title Level 10 Design Assurance 2 11 Mitigation of Other Attacks N/A The block diagram of the ...
Page 8 - Module Interfaces; Table 2 – Logical Interface and Physical Ports Mapping
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 8 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. • Digital Signature Algorithm (DSA) PQG generation, key generation, signature generation, and signature verifi...
Page 10 - Figure 5 – Rear Panel LEDs
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 10 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Figure 4 – Rear Panel Components Descriptions of components on the rear panel are given in Table 4 – Rear Pan...
Page 11 - Table 5 – Rear Panel LED Definitions; Crypto Officer Role
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 11 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Descriptions of LEDs on the rear panel are given in Table 5 – Rear Panel LED Definitions. Table 5 – Rear Pane...
Page 12 - Role
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 12 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Service Description Keys/CSPs Perform first-time initialization Configure the module when it is used for the ...
Page 13 - Table 7 – User Services; HP User Role
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 13 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Table 7 – User Services Service Description Keys/CSPs Authenticate to SKM Authenticate to SKM with a username...
Page 15 - Services; Physical Security; Keys and CSPs
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 15 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. in 60 seconds. Since 10 -5 » 6×60 -8 , the probability of a successful password attempt in 60 seconds is cons...
Page 20 - Mitigation of Other Attacks
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 20 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. • Pairwise consistency test for new DSA keys • Pairwise consistency test for new RSA keys • Continuous random...
Page 21 - Secure; Initialization and Configuration; Initialization
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 21 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. 3 Secure Operation The HP StorageWorks Secure Key Manager meets Level 2 requirements for FIPS 140-2. The sect...
Page 22 - Figure 6 – FIPS Compliance in CLI; Physical Security Assurance
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 22 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Figure 6 – FIPS Compliance in CLI In the web administration interface, the Crypto Officer should use the “Hig...
Page 23 - Figure 8 – Tamper-Evidence Labels
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 23 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Figure 8 – Tamper-Evidence Labels Figure 9 provides a better view of the positioning of the tamper-evidence l...
Page 24 - Key and CSP Zeroization
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 24 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. 3.4 Key and CSP Zeroization To zeroize all keys and CSPs in the module, the Crypto Officer should execute res...
Page 25 - Acronyms; Table 15 – Acronyms
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 25 of 26 © 2008 Hewlett-Packard Company This document may be freely reproduced in its original entirety. Acronyms Table 15 – Acronyms Acronym Definition 3DES Triple Data Encryption Standard AES Advanced Encryption ...