Keyper Hardware Security Module (HSM) v2.0

 
PROJECT ID
C037
ASSURANCE LEVEL
EAL4+ AVA_VAN.5
Security Target (ST)
 
Certification Report (CR)
 
PRODUCT NAME AND VERSION
Keyper Hardware Security Module (HSM) v2.0:
a) Enterprise (Hardware: 9720, Software: 011126)
b) Professional (Hardware: 9720, Software: 010405)
PRODUCT TYPE
Web based frontend to the Microsoft Certification Authority (CA) services
PRODUCT SPONSOR / DEVELOPER

AEP Networks Ltd.

PRODUCT SPONSOR / DEVELOPER CONTACT DETAILS

AEP Networks Ltd.

Knaves Beech Business Centre,
Loudwater, Buckinghamshire,
HP10 9UT,
UNITED KINGDOM.

URL: http://www.aepnetworks.com/
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: +44 1628 642 600
Fax: +44 1628 642 605

Keyper Hardware Security Module (HSM) v2.0 or the Target of Evaluation (TOE) is a dedicated hardware product which provides secure digital signature services, cryptographic services and key management services to applications that reside on physically separate host computer systems. The TOE is a secure module that is contained within an outer casing. The outer casing includes a Keypad, LCD screen, smart card reader and a number of external ports; they are out of the evaluation scope. The TOE is tamper reactive; and has been validated against the requirements for the FIPS PUB 140-2 at level 4. Keyper Hardware Security Module (HSM) v2.0 is intended for use in a dedicated network with devices and applications that make use of its cryptographic functions. Keyper Hardware Security Module (HSM) v2.0 should be provided appropriate physical and logical protections.

The TOE encompasses two models: AEP Keyper Enterprise (Hardware: 9720, Software: 011126) and AEP Keyper Professional (Hardware: 9720, Software: 010405). Both models share the same features and architecture (the only difference is performance), therefore both models shall be considered together. Two additional “High Availability” models also exist, however they are out of the scope of this evaluation.
The functions of the TOE that are within the scope of evaluation covering:

  • Secure generation, distribution and destruction of cryptographic keys.
  • Secure storage and management of keys throughout their lifecycle.
  • User authentication to facilitate controlled access to cryptographic key management and TOE management functions by trusted personnel only.
  • Security management to enable role-based management of the core functions of the TOE.
  • Access control for key management functions to ensure that only specified roles are permitted to perform defined tasks.
  • Auditing of security relevant events to provide suitable accountability.
  • Self-test of the core cryptographic functions and algorithms of the TOE.
  • Tamper protection to ensure that the TOE is adequately protected from unauthorised physical access.