9
Section 4 - Operation
Secure Multi-Domain Tempest Smart Card Reader (MDR) User Manual
Main Features
Product is designed, manufactured and delivered in security-
controlled environments. Below is a summary of the main advanced
features incorporated in product:
Advanced isolation between computers and shared peripherals
The emulations of keyboard, mouse and display EDID, prevent
direct contact between computers and shared peripherals. Product
design achieves maximal security by keeping the video path
separate with keyboard and mouse switched together, purging
keyboard buffer when switching channels. All these features
contribute to strong isolation between computer interfaces,
maintained even when product is powered off.
Unidirectional data flow: USB, audio and video
Unique hardware architecture components prevent unauthorized
data flow, including:
Optical unidirectional data flow diodes in the USB data path
that filtrate and reject unqualified USB devices;
Secure analog audio diodes that prevent audio
eavesdropping with no support for microphone or any other
audio-input device;
Video path is kept separate from all other traffic, enforcing
unidirectional native video flow. EDID emulation is done at
power up and blocks all EDID/MCCS writes. For DisplayPort
video, filtration of AUX channel exists to reject unauthorized
transactions.
Isolation of power domains
Complete isolation of power domains prevents signaling attacks.
Secure administrator access & log functions
Product incorporates secure administrator access and log functions
to provide auditable trail for all product security events, including
battery backup life for anti-tampering and log functions. Non-
reprogrammable firmware prevents the ability to tamper with
product logic.
Always-on, active anti-tamper system
Active anti-tampering system prevents malicious insertion of
hardware implant such as wireless key-logger inside product
enclosure. Any anti-tampering attempt causes isolation of all
computers and peripheral devices rendering product inoperable and
showing clear indications of tampering event to user.
Holographic security tamper-evident labels are placed on the
enclosure to provide a clear visual indication if product has been
opened or compromised.
Metal enclosure is designed to resist mechanical tampering with all
microcontrollers protected against firmware-read, modification and
rewrite.
TEMPEST Compliant Design
Assuring glavanic isolation betweem sources
Highest security by design:
The only smart-card reader that designed from early stages to
support high security isolation applications.
Unique in the market:
The only smart-card reader available today that can interface with
multiple isolated computers. Based on unique technology and
patents.