Table of Contents
Advertisement
5.0 Physical Security
The board is designed to detect tampering attempts and will zeroize critical security parameters
under a variety of prescribed circumstances. These circumstances include penetration of the
module's cryptographic envelope. The cryptographic envelope consists of an opaque tamper
resistant lid and circuit board, and will provide clear visual evidence of tampering. The lid and
circuit board are joined to form a contiguous perimeter. This perimeter encloses module
components responsible for the creation, storage and processing of critical security
parameters. The boundary contains intricate serpentine patterns that are used to detect tamper
attempts associated with a breach of the cryptographic envelope by drilling, sawing or removal
of the tamper lid.
7.1 Module Interfaces
6.1 USB (Universal Serial Bus) Interface
This is the trusted interface of the HSM. It is used for communicating with iKey1000 tokens.
Four tokens are shipped with each HSM. One will contain a pin used to authenticate the
Security Officer. One will contain a pin used to authenticate the User. One will contain a key-
part to be controlled by the Security Officer. One will contain a key-part to be controlled by the
user. No secrets, key-parts or critical security parameters are contained within any of the
tokens or within the HSM when these items are shipped from Rainbow Technologies.
6.2 Status LED (Light Emitting Diode) Interface
The LED can be in four possible states. These are off, green, orange and red. The meaning
associated with each LED state is as follows:
Off
Green
Orange
Red
User Guide
LED State
Meaning
Power off
Board is on but idle
Board is in the self-test state or performing a crypto
function
Board is in the error state
5.0 Physical Security
April 2013
223
Advertisement
Table of Contents
