Security level
The cryptographic module meets the overall requirements applicable to Level 1 security of
FIPS 140-2.
Operational environment
The FIPS 140-2 Area 6 Operational Environment requirements are not applicable because the
device does not support the loading and execution of un-trusted code. Avaya digitally signs
firmware images of the crypto module using RSA SHA1 digital signature. Through this
signature, the crypto module verifies the authenticity of any update to its firmware image.
Assumptions of roles
The cryptographic module supports eight distinct operator roles: Cryptographic-Officer, Read/
Write User, Read-only User, RADIUS Server, OSPF Router Peer, PPPoE Client, IKE Peer, and
Serial Number Peer.
The cryptographic module enforces the separation of roles using operator authentication. Refer
to
Table 36
for further information.
Table 35: Module security level specification
Security Requirements Section
Cryptographic Module Specification
Module Port and Interfaces
Roles, Services, and Authentication
Finite State Model
Physical Security
Operational Environment
Cryptographic Key Management
EMI/EMC
Self-Tests
Design Assurance
Mitigation of Other Attacks
Level
1
1
2
1
1
N/A
1
1
1
3
N/A
Issue 1.1 June 2005
Overview
497