Sun StorageTek™ T9840D Tape Drive Security Policy
Part Number 316055201
Revision: AA
Sun Microsystems, Inc.
February 5, 2010
Copyright Sun Microsystems 2009.
May be reproduced only in its original entirety [without revision].
Page 2: ... 8; 4 PORTS AND INTERFACES 10; 5 IDENTIFICATION AND AUTHENTICATION POLICY 12; 5.1 ASSUMPTION OF ROLES 12; 6 DEFINITION OF CRITICAL SECURITY PARAMETERS (CSPS) 14; 6.1 DEFINITION OF PUBLIC KEYS 15; 7 ACCESS CONTROL POLICY 15; 7.1 ROLES AND SERVICES 15; 8 OPERATIONAL ENVIRONMENT (AREA 6) 18; 9 SECURITY RULES 18; 9.1 FIPS 140-2 SECURITY REQUIREMENTS 18; 10 PHYSICAL SECURITY 19; 10.1 PHYSICAL SECURITY MECHANISMS 19; 11 ...
Page 3: ...ED IDENTIFICATION AND AUTHENTICATION 12; TABLE 4 STRENGTHS OF AUTHENTICATION MECHANISMS 13; TABLE 5 DESCRIPTION OF CRITICAL SECURITY PARAMETERS (CSPS) 14; TABLE 6 DESCRIPTION OF PUBLIC KEYS WITHIN THE ETD 15; TABLE 7 SERVICES AUTHORIZED FOR ROLES 15; TABLE 8 UNAUTHENTICATED SERVICES 18. Release History: Date | Rev | Description | Name; 02/05/10 | AA | Initial version of Security Policy, Engineering Change EC001056 | Mat...
Page 4: ...ized key management. The Sun StorageTek Crypto Key Management System version 2.1 and higher consists of two or more Key Management Appliances (KMAs). Key Management Appliances are the individual components within the system and, in the context of this FIPS 140-2 Security Policy, can be viewed as Key Loaders. For more information on these system components, please see the website http://docs.sun.com and brow...
Page 5: ...f FIPS 140-2, as is detailed in Table 1. Table 1 Module Security Level Specification: Security Requirements Section | Level; Cryptographic Module Specification | 3; Module Ports and Interfaces | 1; Roles, Services and Authentication | 1; Finite State Model | 1; Physical Security | 1; Operational Environment | N/A; Cryptographic Key Management | 1; EMI/EMC | 1. (Feb 5, 2010, Part 316055201 Rev AA, Page 5.) Figure 1-2 Back side and bot...
Page 6: ...part of digital signature verification for the firmware; o as part of HMAC-SHA-1 (HMAC Certificate 597); o for hashing passwords used for authentication. AES ECB (AES Certificate 1060), supporting 256-bit keys: used as part of the AES Key Wrap algorithm to securely establish keying material. SP 800-90 CTR_DRBG (DRBG Certificate 11): for generating random numbers used for nonce values and cryptographic keys. AES...
Page 7: ...FIPS Mode. The user can determine whether the ETD is operating in FIPS mode by examining the VOP (Virtual Operator Panel). VOP is an external software application and the primary ETD remote management tool; VOP utilizes ETD services remotely. VOP is described in more detail in the document Virtual Operator Panel User's Guide (see [VOPUG]). Figure 3-1 shows the View Current Drive Settings of the VOP applicati...
Page 8: ... it will remain in either FIPS mode or non-FIPS compliant mode. FIPS 140-2 configuration of the ETD with VOP requires the presence of both a Sun service representative and the customer. In addition, they will need to follow the licensing process as outlined in [KMS2IM] (KMS 2.x Installation and Service Manual) under "License and Enroll the Tape Drives" in Chapter 3, "T-Series Tape Drives". ...
Page 9: ...pe drive for encryption using the process from [KMS2IM]. 5. The service representative shall set the drive offline by selecting Drive Operations > Set Offline. 6. The service representative shall add the ETD to the KMS 2.x cluster (see [KMS2IM]). 7. The service representative shall bring up the Configure Drive Parameters window (see Figure 3-2) by selecting Drive Data from the Configure menu of the main VOP windo...
Page 10: ...vides a listing of the following physical ports and logical interfaces (see [ETDOG] for details). Table 2 Ports and Interfaces: Description | Physical Port | Qty | Logical interface definition | Technical Specification; DB15 RS-232 | 1 | data output, status output, control input | Primarily used for tape library communications. Figure 3-2 VOP Configure Drive Parameters Window ...
Page 11: ... Command Code Sets-3 Mapping Protocol (FC-SB-3), Revision 1.6 specification (see [FC-SB-3]). Tape head | 1 | data input, data output | Provides the interface to the magnetic tape media where the user data to be encrypted is written to and where the data to be decrypted is read from. Tape media resides in six possible cartridge types: 1. Standard Data; 2. SPORT (reduced length) Data; 3. VolSafe (write once) Data; 4. Sport Vol...
Page 12: ...Officer (C.O.). Table 3 shows these roles. Table 3 Roles and Required Identification and Authentication: Role | Type of Authentication | Authentication Data; User | Role-based operator authentication | The following Authentication Mechanism (see Error! Reference source not found.) is allowed for authenticating to the User Role: 1. CA_Cert Private Key: 2048-bit RSA private key. Note: No authentication mechanism is claimed...
Page 13: ...ey used to protect the ME_Keys with AES Key Wrap as they enter the ETD. Transported wrapped with the KWKPublicKey, which provides 112 bits of encryption strength. Dump Encryption Key (DEKey): A dump file encryption key is a 256-bit AES-CCM key used for encrypting the dump files during generation and storage. Transported wrapped with the KWKPublicKey, which provides 112 bits of encryption strength. Tape Dri...
Page 14: ...8-bit RSA public key used to wrap the DEKey. It is stored in an X.509 certificate. Firmware Signature Public Key (FSPubKey): The Firmware Signature Public Key is a 2048-bit RSA key used to validate any uploaded firmware. Firmware Signature Root Certificate Key (FSRootCert): The Firmware Signature Root Certificate Key is a 2048-bit RSA key within a PEM-encoded certificate, used to validate the certifi...
Page 15: ...y. Zeroize: This service erases all Critical Security Parameters (CSPs) stored in ETD memory, volatile and non-volatile. RJ45 Ethernet | Yes | Yes | C.O. | Zeroizes all CSPs. VOP Login: Logs in to the Virtual Operator's Panel (VOP) and authorizes the operator to the Crypto Officer Role, providing access to all VOP commands. RJ45 Ethernet | Yes | Yes | C.O. | Accesses VOP Password. Encrypt Data to Tape: Encrypts data from the H...
Page 16: ...s TLS_EMK; Uses TLS_ECK. Input KWKPublicKey: Inputs the KWKPublicKey from a KMS 2.x cluster into the ETD. RJ45 Ethernet | Yes | Yes | User | Writes KWKPublicKey; Uses TLS_DMK; Uses TLS_DCK. Input ME_Key from KMS 2.x: Inputs one or more ME_Keys, protected with AES Key Wrap, into the ETD from the KMS 2.x cluster. RJ45 Ethernet | Yes | Yes | User | Writes ME_Key; Uses TLS_DMK; Uses TLS_DCK; Uses AKWK. ETD Configuration: Allows ...
Page 17: ... new CSP or the modification of an existing. Generates: Generates the CSP using the FIPS Approved SP800-90 DRBG. Derives: The CSP is derived using the Allowed TLS 1.0 Key Derivation Function. The ETD supports the unauthenticated services listed below in Table 7. None of the services modify, disclose or substitute cryptographic keys and CSPs, or otherwise affect the security of the ETD. Table 7 Unauthenticat...
Page 18: ...pto Officer role. 2. When the module has not been placed in a valid role, the operator does not have access to any cryptographic services. 3. The cryptographic module shall encrypt and decrypt sensitive data using the AES-256 CCM algorithm. 4. The cryptographic module shall perform the following tests: a. Power-up Self-tests: i. Cryptographic algorithm tests: 1. AES ECB KAT (Encrypt/Decrypt); 2. AES Key Wrap KAT (W...
Page 19: ...dule has not been designed to mitigate any specific attacks. 12 References: [1619.1] IEEE Std 1619.1-2007, IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices, May 2008. [CCM] NIST Special Publication 800-38C, Recommendation for Block Modes of Operation: The CCM Mode for Authentication and Confidentiality, U.S. DoC/NIST, May 2004. Available at http://csrc.nist.gov/publications/nist...
Page 20: ...est in the context of the EDRS system is data stored on magnetic tape. EDRS: Encrypted Data at Rest Solution. ETD: The Sun StorageTek™ T9840D Encrypting Tape Drive. IPL: Initial Program Load; the process that brings up the ETD after a power-on or reset. KMA: Key Management Appliance. KMS: Key Management System, which consists of two or more KMAs. TLS: Transport Layer Security v1.0, as defined by IETF RFC 2246. ...