ETM
® System Cryptographic Modules Security Policy
SecureLogix Corporation
®
Version 7.0
Page 20 of 24
1. Key Entry This service allows the three Triple DES keys to be imported into the
cryptographic module boundary.
2. Key Zeroize This service allows the three Triple DES keys that were imported into
the cryptographic module boundary to be cleared. Please refer to Section 9 for a
description of cryptographic key management for the Java-AppCM.
7.5.
Authentication
No separate authentication mechanism is provided for each ETM System cryptographic
module. Users authorized on the ETM System are implicitly authorized to access any
cryptographic module services according to their defined roles.
8.
Operational Environment
8.1.
Appliance
The FirmwareCM operates on an ETM System Appliance Controller Board and is
classified as multiple-chip embedded based on the hardware/firmware design of the
board.
8.2.
PC
Both the Java-AppCM and C-AppCM operate on Windows-based general purpose
computing platforms. Thus, the two modules are classified as multiple-chip standalone.
Each PC must be configured in single-user mode in order for the Java-AppCM and C-
AppCM to operate in FIPS-approved modes. This is accomplished by performing the
following steps:
· Configure the Windows O/S to only allow a single authenticated user to login.
· Disable all remote logins to the O/S.
9.
Cryptographic Key Management
9.1.
Key Generation
None of the ETM System cryptographic modules supports any key generation services.
Triple DES keys are referenced by address in the FirmwareCM and C-AppCM. For the
Java-AppCM, Triple DES keys are directly entered into the cryptographic module in
plaintext by its calling application via API calls.
9.2.
Key Distribution and Storage
For the FirmwareCM and C-AppCM, cryptographic keys are not stored inside their
cryptographic module boundaries. The cryptographic keys are imported into the
cryptographic modules from their applications as parameters in the Triple DES