Manuale d’uso / di manutenzione del prodotto FIPS 140-2 del fabbricante HP
Vai alla pagina of 26
© 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. HP StorageWorks Secure Key Manager (Hardware P/N AJ087B, Version 1.1; Firmware Version:1.1) FIPS 140-2 Security Policy Level 2 Validation Document Version 0.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 2 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table of Contents 1 INTRODUCTION .......................
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 3 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table of Figures F IGURE 1 – D EPLOYMENT A RCHITEC TURE OF TH E HP S TORAGE W ORKS S ECURE K EY M ANAGER .
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 4 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Table of Tables T ABLE 1 – S ECURITY L EVEL PER FIPS 140-2 S ECTION .
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 5 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 6 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 7 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 8 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 9 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 3 – Front Panel LEDs Descriptions of the LEDs are given in Table 3 – Front Panel LED Definitions.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 10 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 4 – Rear Panel Components Descriptions of compone nts on the rear pane l are given i n Table 4 – Rear Panel C omponents Description s.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 11 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Descriptions of LEDs on the r ear panel a re gi ven in Table 5 – Rear Panel LED Defi nitions.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 12 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 13 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 14 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Service Description Keys/CSPs Zeroize all keys/CSPs Zeroize all keys/CSPs in the module All keys/CSPs – delete 2.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 15 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. in 60 seconds. Since 10 -5 » 6×60 -8 , the probability of a successf ul password attem pt in 60 seconds is considerably less than 10 -5 .
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 16 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use DH public param 1024-bit Diffie- Hellman public parameters Generated by ANSI X9.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 17 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use KRsaPub Server RSA public key (1024- or 2048- bit) Generated by ANSI X9.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 18 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use Client AES key 128, 192 or 256-bit AES key Generated by ANSI X9.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 19 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Key Key Type Generation / Input Output Storage Zeroization Use Log signing keys 1024-bit RSA public and private keys Generated by ANSI X9.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 20 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 21 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. 3 Secure Operation The HP Storage Works Secure Key Manager m eets Level 2 re quirements for FIPS 140-2.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 22 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 23 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y. Figure 8 – Tamper-Evidence Lab els Figure 9 pr ovides a bette r view of t he posit ioning of t he tam per-evidence l abels ove r the powe r supplie s.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 24 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 25 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Security Policy, version 1.0 January 31, 2008 HP StorageWorks Secure Key Manager Page 26 of 26 © 2008 Hewlett-Packard Com pany This document may be freely repro duced in its original entir et y.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il HP FIPS 140-2 è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del HP FIPS 140-2 - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso HP FIPS 140-2 imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul HP FIPS 140-2 ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il HP FIPS 140-2, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del HP FIPS 140-2.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il HP FIPS 140-2. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo HP FIPS 140-2 insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.