SEAGATE LAPTOP SSHD SATA PRODUCT MANUAL, REV. D 16
ABOUT FIPS
4.0 ABOUT FIPS
The Federal Information Processing Standard (FIPS) Publication 140-2, FIPS PUB 140-2, is a U.S. government computer
security standard used to accredit cryptographic modules. It is titled “Security Requirements for Cryptographic Modules”.
The initial publication was on May 25, 2001 and was last updated December 3, 2002.
Purpose.
The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordinate the
requirements and standards for cryptography modules that include both hardware and software components.
Federal Information Processing Standard (FIPS) 140-2 Level 2 Certification requires drives to go through government
agencies certifications to add requirements for physical tamper-evidence and role-based authentication. For more
information, refer to 'Security Rules' section in the 'Security Policy' document uploaded on the NIST website. To reference
the product certification visit:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401vend.htm, and search for “Seagate”.
Security Level 2.
Security Level 2 enhances the physical security mechanisms of a Security Level 1 cryptographic module by adding the
requirement for tamper-evidence, which includes the use of tamper-evident coatings or seals on removable covers of the
module. Tamper-evident coatings or seals are placed on a cryptographic module so that the coating or seal must be broken
to attain physical access to the critical security parameters (CSP) within the module. Tamper-evident seals (example shown
in Figure 5, page 19) are placed on covers to protect against unauthorized physical access. In addition Security Level 2
requires, at a minimum, role-based authentication in which a cryptographic module authenticates the authorization of an
operator to assume a specific role and perform a corresponding set of services.
Figure 4 Example of FIPS tamper evidence labels.
NOTE
For reference only. May not represent actual drive.