FIPS 140-1 PDF

The selective application of technological and related procedural safeguards is an important responsibility of every Federal organization in. FIPS (Federal Information Processing Standard) is the benchmark for validating the effectiveness of cryptographic hardware. If a product has a FIPS You need to know if Symantec Endpoint Encryption(SEE) and/or Guardian Edge Hard Drive (GEHD) encryption is a validated FIPS and/or

Author: Nikojinn Arashibar
Country: Argentina
Language: English (Spanish)
Genre: Health and Food
Published (Last): 24 January 2010
Pages: 326
PDF File Size: 4.60 Mb
ePub File Size: 11.52 Mb
ISBN: 426-3-94348-139-6
Downloads: 78629
Price: Free* [*Free Regsitration Required]
Uploader: Kazirisar

You can no longer have a product validated under FIPSbecause it is no longer a current standard. Computer security standards Cryptography standards Standards of the United States. In addition to the specified levels, Section 4. If a product contains countermeasures against these attacks, they must be documented and tested, but protections are not required to achieve a given level. Vendors do not always maintain their baseline validations.

July Learn how and when to remove this template message. There are 4 steps, not 8 — it’s just that the requirements for climbing those steps were tweaked. Please help improve this article by adding citations to reliable sources. Darren Moffat, Oracle Solaris. FIPSissued on 25 Maytakes account of changes in available technology and official standards sinceand of comments received from the vendor, tester, and user communities. Post as a guest Name.

The National Institute of Standards and Technology NIST issues the Publication Series to coordinate the requirements and standards for cryptographic modules which include both hardware and software components for use by departments and agencies of the United States federal government. From Wikipedia, the free encyclopedia. By clicking “Post Your Answer”, you acknowledge that you have read our updated terms of serviceprivacy policy and cookie policyand that your continued use of the website is subject to these policies.


The draft issued on 11 Sephowever, reverted to four security levels and limits the security levels of software to levels 1 and 2. Sign up using Email and Password. I tried googling for this info but it’s not easily available because FIPS is now really old. FIPS does not purport to provide sufficient conditions to guarantee that a module conforming to its requirements is secure, still less that a system built using such modules is secure.

User agencies desiring to implement cryptographic modules should confirm that the module they are using is covered by an existing validation certificate. This article has multiple issues. Post Your Answer Discard By clicking “Post Your Answer”, you acknowledge that you have read our updated terms of serviceprivacy policy and cookie policyand that your continued use of the website is subject to these policies.

FIPS – Wikipedia

This article relies too much on references to primary sources. The use 140-11 validated cryptographic modules is required by the United States Government for all unclassified uses of cryptography. The requirements cover not only the cryptographic modules themselves but also their documentation and at the highest security level some aspects of the comments contained in the source code.

August Learn how and when to remove this template message. January Learn how and when to remove this template message. Sign up or log in Sign up using Google.

This page was last edited on 12 Marchat The group identified the four “security levels” and eleven “requirement areas” listed above, and specified requirements for each area at each level. FIPS is a new version of the standard which is currently under development. Home Questions Tags Users Unanswered. Views Read Edit View history. By using our site, you acknowledge that you have read and understand our Cookie PolicyPrivacy Policyand our Terms of Service.

  ATEK 3500 PDF


This article includes a list of referencesbut its sources remain unclear because it has insufficient inline citations. Please help to improve this fi;s by introducing more precise citations.

For Levels 2 and higher, the operating platform upon which the validation is applicable is also listed. Please improve this by adding secondary or tertiary sources.

Is Symantec Endpoint Encryption a validated FIPS 140-1 and FIPS 140-2 Cryptographic Module?

The Government of Canada also recommends the use of FIPS validated cryptographic modules in unclassified applications of its departments. A module that is FIPScompliant is not more secure than a fipe that is FIPScompliant, it is only more up-to-date in the certification process.

Please help improve it or discuss these issues on the talk page.

Due to the way in which the validation process rips set up, a software vendor is required to re-validate their FIPSvalidated module for every change, no matter how small, to the software; this re-validation is required even for obvious bug or security fixes.

By using this site, you agree to the Terms of Use and Privacy Policy. Email Required, but never shown. Sign up using Facebook.

Retrieved from ” https: This article needs additional citations for verification. Articles lacking in-text citations from July All articles lacking in-text citations Articles needing additional references from August All articles needing additional references Articles lacking reliable references from January All articles lacking reliable references Articles with multiple maintenance issues Articles containing potentially dated 1400-1 from December All articles containing potentially dated statements.

The -1 or -2 part is a version number.