1 introduction, 1 purpose, 2 references – HP FIPS 140-2 User Manual

Page 5

Security Policy, version 1.0

January 31, 2008

HP StorageWorks Secure Key Manager

Page 5 of 26

This document may be freely reproduced in its original entirety.

1 Introduction

1.1 Purpose

This document is a non-proprietary Cryptographic Module Security Policy for the HP StorageWorks Secure Key
Manager (SKM) from Hewlett-Packard Company. Federal Information Processing Standards (FIPS) 140-2, Security
Requirements for Cryptographic Modules, specifies the U.S. and Canadian Governments’ requirements for
cryptographic modules. The following pages describe how HP’s SKM meets these requirements and how to use the
SKM in a mode of operation compliant with FIPS 140-2. This policy was prepared as part of the Level 2 FIPS 140-2
validation of the HP StorageWorks Secure Key Manager.

More information about FIPS 140-2 and the Cryptographic Module Validation Program (CMVP) is available at the
website of the National Institute of Standards and Technology (NIST):

http://csrc.nist.gov/groups/STM/cmvp/index.html

In this document, the HP StorageWorks Secure Key Manager is referred to as the SKM, the module, or the device.

1.2 References

This document deals only with the operations and capabilities of the module in the technical terms of a FIPS 140-2
cryptographic module security policy. More information is available on the module from the following sources:

• The HP website (

http://www.hp.com

) contains information on the full line of products from HP.

• The CMVP website (

http://csrc.nist.gov/groups/STM/cmvp/index.html

) contains contact information for

answers to technical or sales-related questions for the module.