Manualshelf

FIPS Standard

ManualsBrandsIntel ManualsOtherIntel Dual Band Wireless-N 7260
21222324252627282930
the input events, including data inputs and control inputs, that cause transitions from one state to
another, and
the output events, including internal module conditions, data outputs, and status outputs resulting
from transitions from one state to another.
4.5 Physical Security
A cryptographic module shall employ physical security mechanisms in order to restrict unauthorized
physical access to the contents of the module and to deter unauthorized use or modification of the module
(including substitution of the entire module) when installed. All hardware, software, firmware, and data
components within the cryptographic boundary shall be protected.
A cryptographic module that is implemented completely in software such that the physical security is
provided solely by the host platform is not subject to the physical security requirements of this standard.
Physical security requirements are specified for three defined physical embodiments of a cryptographic
module:
Single-chip cryptographic modules are physical embodiments in which a single integrated circuit
(IC) chip may be used as a standalone device or may be embedded within an enclosure or a product
that may not be physically protected. Examples of single-chip cryptographic modules include
single IC chips or smart cards with a single IC chip.
Multiple-chip embedded cryptographic modules are physical embodiments in which two or more
IC chips are interconnected and are embedded within an enclosure or a product that may not be
physically protected. Examples of multiple-chip embedded cryptographic modules include
adapters and expansion boards.
Multiple-chip standalone cryptographic modules are physical embodiments in which two or more
IC chips are interconnected and the entire enclosure is physically protected. Examples of multiple-
chip, standalone cryptographic modules include encrypting routers or secure radios.
Depending on the physical security mechanisms of a cryptographic module, unauthorized attempts at
physical access, use, or modification will have a high probability of being detected
subsequent to an attempt by leaving visible signs (i.e., tamper evidence)
and/or
during an attempt so that appropriate actions can be taken by the cryptographic module to protect
plaintext secret and private keys and CSPs (i.e., tamper response).
Table 2 summarizes the physical security requirements, both general and embodiment-specific, for each of
the four security levels. The general physical security requirements at each security level are all three
distinct physical embodiments of a cryptographic module. The embodiment-specific physical security
requirements at each security level enhance the general requirements at the same level, and the
embodiment-specific requirements of the previous level.
20