0 physical security, 1 module interfaces, 1 usb (universal serial bus) interface – Nortel Networks NN46120-104 User Manual
Page 237: 2 status led (light emitting diode) interface, 3 serial interface, 4 pci interface
7.1 Module Interfaces
237
5.0 Physical Security
The board is designed to detect tampering attempts and will zeroize critical
security parameters under a variety of prescribed circumstances. These
circumstances include penetration of the module’s cryptographic envelope.
The cryptographic envelope consists of an opaque tamper resistant lid and
circuit board, and will provide clear visual evidence of tampering. The lid
and circuit board are joined to form a contiguous perimeter. This perimeter
encloses module components responsible for the creation, storage and
processing of critical security parameters. The boundary contains intricate
serpentine patterns that are used to detect tamper attempts associated
with a breach of the cryptographic envelope by drilling, sawing or removal
of the tamper lid.
7.1 Module Interfaces
6.1 USB (Universal Serial Bus) Interface
This is the trusted interface of the HSM. It is used for communicating
with iKey1000 tokens. Four tokens are shipped with each HSM. One will
contain a pin used to authenticate the Security Officer. One will contain
a pin used to authenticate the User. One will contain a key-part to be
controlled by the Security Officer.
One will contain a key-part to be controlled by the user. No secrets,
key-parts or critical security parameters are contained within any of the
tokens or within the HSM when these items are shipped from Rainbow
Technologies.
6.2 Status LED (Light Emitting Diode) Interface
The LED can be in four possible states. These are off, green, orange and
red. The meaning associated with each LED state is as follows:
LED State
Meaning
Off
Power off
Green
Board is on but idle
Orange
Board is in the self-test state or performing a
crypto function
Red
Board is in the error state
The true state of the HSM will be obtainable from the status register which
is read by the host over the PCI interface.
6.3 Serial Interface
The serial interface is disabled in the production version of the HSM board.
6.4 PCI Interface
This interface is used to provide data and commands to the HSM board. It
is also used to read data and status from the HSM.
Nortel VPN Gateway
User Guide
NN46120-104
02.01
Standard
14 April 2008
Copyright © 2007-2008 Nortel Networks
.