Security Policy: Stealth MXP and Stealth MXP Passport
Date: August 5, 2008
Copyright © 2008 MXI. Distribution of this document by the Cryptographic Module Validation
Program validation authorities, the National Institute of Standards and Technology (NIST) and the
Communications Security Establishment Canada (CSEC), is allowed providing the document is
copied or printed in its entirety.
Page 6 of 49
2 Overview
2.1
Purpose
This document contains the Security Policy for Stealth MXP and Stealth MXP
Passport.
It is meant for public consumption and was written to provide a
specification of the cryptographic security that will allow individuals and
organizations to determine whether a cryptographic module, as implemented,
meets a stated security policy. It describes to individuals and organizations the
capabilities, protection, and access rights provided by the cryptographic module,
thereby allowing an assessment of whether the module will adequately serve the
individual or organizational security requirements.
2.2
Scope
This document is based on the requirements and expectations outlined in the
FIPS 140-2 specification.
This document describes the identification and
authentication policy, the access control policy, the physical security policy and a
security policy for mitigation of other attacks. It also details the roles and
services provided by Stealth MXP and the types of services each role may access.
Note: Stealth MXP Passport is identical to Stealth MXP except for not having a
biometric fingerprint sensor and associated biometric authentication services.
For simplicity and where convenient, both products will be referred to as MXP.
This document applies specifically to Stealth MXP and Stealth MXP Passport with
the following versions:
MXI AES: Part # 933000334R: Version 1.0
Boot loader: Version 2.1
Firmware: Version 4.21
Hardware: (see tables)