5.0 Physical Security, 7.1 Module Interfaces, 6.1 USB (Universal Serial Bus) Interface – Nortel Networks NN46120-104 User Manual


5.0 Physical Security

The board is designed to detect tampering attempts and will zeroize critical
security parameters under a variety of prescribed circumstances. These
circumstances include penetration of the module’s cryptographic envelope.
The cryptographic envelope consists of an opaque, tamper-resistant lid and
circuit board, and will provide clear visual evidence of tampering. The lid
and circuit board are joined to form a contiguous perimeter. This perimeter
encloses module components responsible for the creation, storage and
processing of critical security parameters. The boundary contains intricate
serpentine patterns that are used to detect tamper attempts associated
with a breach of the cryptographic envelope by drilling, sawing or removal
of the tamper lid.

7.1 Module Interfaces

6.1 USB (Universal Serial Bus) Interface

This is the trusted interface of the HSM. It is used for communicating
with iKey1000 tokens. Four tokens are shipped with each HSM. One will
contain a PIN used to authenticate the Security Officer. One will contain
a PIN used to authenticate the User. One will contain a key-part to be
controlled by the Security Officer. One will contain a key-part to be
controlled by the User. No secrets, key-parts or critical security
parameters are contained within any of the tokens or within the HSM when
these items are shipped from Rainbow Technologies.

6.2 Status LED (Light Emitting Diode) Interface

The LED can be in four possible states. These are off, green, orange and
red. The meaning associated with each LED state is as follows:

| LED State | Meaning |
|-----------|---------|
| Off       | Power off |
| Green     | Board is on but idle |
| Orange    | Board is in the self-test state or performing a crypto function |
| Red       | Board is in the error state |

The true state of the HSM is obtainable from the status register, which
the host reads over the PCI interface.

6.3 Serial Interface

The serial interface is disabled in the production version of the HSM board.

6.4 PCI Interface

This interface is used to provide data and commands to the HSM board. It
is also used to read data and status from the HSM.

Nortel VPN Gateway User Guide, NN46120-104, 02.01, Standard, 14 April 2008

Copyright © 2007-2008 Nortel Networks