Page 4

CR-2505

Revision Level: 24

Document is Uncontrolled When Printed.

Page 1 of 5

1. INTRODUCTION

1.1

Purpose

This is a non-proprietary Cryptographic Module Security Policy for the ProtectServer Gold (PSG).

This security policy describes how the PSG meets the security requirements of FIPS 140-2 and

how to operate the PSG in a secure FIPS 140-2 mode. This policy was prepared as a part of the

Level 3 FIPS 140-2 validation of the PSG.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2 - Security

Requirements for Cryptographic Modules) details the U.S. Government requirements for

cryptographic modules. More information about the FIPS 140-2 standard and validation program

is available on the NIST web site at http://csrc.nist.gov/groups/STM/cmvp/index.html.

1.2

References

This document deals only with operations and capabilities of the PSG in the technical terms of a

FIPS 140-2 cryptographic module security policy. More information is available on the PSG and

other SafeNet products from the following sources:

The SafeNet internet site contains information on the full line of security products at

http://www.safenet-inc.com/products/pki/index.asp.

For answers to technical or sales related questions please refer to the contacts listed

on the SafeNet internet site at http://www.safenet-inc.com/company/contact.asp.

1.3

Terminology

In this document the SafeNet ProtectServer Gold card is referred to as the PSG, the adapter, or

the module.

1.4

Document Organization

The Security Policy document is part of the FIPS 140-2 submission package. In addition to this

document, the Submission Package contains:

Vendor Evidence document (CR-2792)

Finite State Machine (CR-2678)

Module Software Listing

Functional Specification (CR-2848 / 008329-001)

Other supporting documentation as additional references

This document provides an overview of the PSG and explains the secure configuration and

operation of the module. This introduction section is followed by Section 2, which details the

general features and functionality of the PSG. Section 3 specifically addresses the required

configuration for the FIPS-mode of operation.

This Security Policy and other Certification Submission Documentation were produced by

SafeNet. With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation

Submission Documentation is proprietary to SafeNet.