Seagate Mobile HDD Product Manual, Rev. A
29
About FIPS
4.0
About FIPS
The Federal Information Processing Standard (FIPS) Publication 140-2, FIPS PUB 140-2, is a U.S. government computer security standard used to
accredit cryptographic modules. It is titled “Security Requirements for Cryptographic Modules”. The initial publication was on May 25, 2001 and was
last updated December 3, 2002.
Purpose.
The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordinate the requirements and standards for
cryptography modules that include both hardware and software components.
Federal Information Processing Standard (FIPS) 140-2 Level 2 Certification requires drives to go through government agencies certifications to add
requirements for physical tamper-evidence and role-based authentication. For more information, refer to 'Security Rules' section in the 'Security
Policy' document uploaded on the NIST website. To reference the product certification visit:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm
, and search for “Seagate”.
Security Level 2.
Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module by adding the requirement for tamper-
evidence, which includes the use of tamper-evident coatings or seals on removable covers of the module. Tamper-evident coatings or seals are
placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the critical security parameters (CSP)
within the module. Tamper-evident seals (example shown in
) are placed on covers to protect against unauthorized physical
access. In addition Security Level 2 requires, at a minimum, role-based authentication in which a cryptographic module authenticates the
authorization of an operator to assume a specific role and perform a corresponding set of services.
Figure 9
Example of FIPS tamper evidence labels.
Note
For reference only. May not represent actual drive.