FIPS 140-1 PDF

The selective application of technological and related procedural safeguards is an important responsibility of every Federal organization in. FIPS (Federal Information Processing Standard) is the benchmark for validating the effectiveness of cryptographic hardware. If a product has a FIPS You need to know if Symantec Endpoint Encryption(SEE) and/or Guardian Edge Hard Drive (GEHD) encryption is a validated FIPS and/or

Author: Grom Neshakar
Country: Saudi Arabia
Language: English (Spanish)
Genre: Finance
Published (Last): 2 May 2012
Pages: 421
PDF File Size: 10.35 Mb
ePub File Size: 1.56 Mb
ISBN: 233-5-88007-791-9
Downloads: 20548
Price: Free* [*Free Regsitration Required]
Uploader: Munos

Please improve this by adding secondary or tertiary sources. By using this site, you agree to the Terms of Use and Privacy Policy. The draft issued on 11 Sephowever, reverted to four security levels and limits the security levels of software to levels 1 and 2.

The Government of Canada also recommends the use of FIPS validated cryptographic modules in unclassified applications of its departments. Fups article needs additional citations for verification.

The National Institute of Standards and Technology NIST issues the Publication Series to coordinate 14-1 requirements and standards for cryptographic modules which include both hardware cips software components for use by departments and agencies of the United States federal government. Post Your Answer Discard By clicking “Post Your Answer”, you acknowledge that you have read our updated terms of serviceprivacy policy and cookie policyand that your continued use of the website is subject to these policies.

In addition to the specified levels, Section 4.

Is Symantec Endpoint Encryption a validated FIPS 140-1 and FIPS 140-2 Cryptographic Module?

FIPS is a new version of the standard which is currently under development. Since validation is an expensive process, this gives software vendors an incentive to postpone changes to their software and can result in software that does not receive security updates until the next validation.


Due to the way in which the validation process is set up, a software vendor is required to re-validate their FIPSvalidated module for every change, no matter how small, to the software; this re-validation is required even for obvious bug or security fixes.

Computer security standards Cryptography standards Standards of the United Fiips. Articles lacking in-text citations from July All articles lacking in-text citations Articles needing additional references from August All articles needing additional references Articles lacking reliable references from January All articles lacking reliable references Articles with multiple maintenance issues Articles containing potentially dated statements from December Fios articles containing potentially dated statements.

Sign up fjps Email and Password. I tried googling for this info but it’s not easily available because FIPS is now really old. This page was last edited on 12 Marchat Sign up or log in Sign up using Google.

There are 4 steps, not 8 — it’s just that the requirements for climbing those steps were tweaked. The use of validated cryptographic modules is required by the United States Government for all unclassified uses of cryptography.

Sign up using Facebook. This article relies too much on references to primary sources. By using fipa site, you acknowledge that you have read and understand our Cookie PolicyPrivacy Policyand our Terms of Service.

FIPS What Is It & How to Get Validated – Corsec

By clicking “Post Your Answer”, you acknowledge that you have read our updated terms of serviceprivacy policy and cookie policyand that your continued use of the website is subject to these policies. Learn how and when to remove these template messages. The requirements cover not 1401- the fipw modules themselves but also their documentation and at the highest security level some aspects of the comments contained in the source code.


Please help improve this article by adding citations to reliable sources. Vendors do not always maintain their baseline validations. January Learn how and when to remove this template message. Unsourced material may be challenged and removed. From Wikipedia, the free encyclopedia. FIPSissued on 11 Januarywas developed by a government and fipe working group, composed of vendors and users of cryptographic equipment.

This article has multiple issues. Please help to improve this article by introducing more precise citations. Please help improve it or discuss these issues on the talk page. The -1 or -2 part is a version fipz.

Email Required, but never shown. Views Read Edit View history.

Post as a guest Name. Home Questions Tags Users Unanswered. You can no longer have a product validated under FIPSbecause it is no longer a current standard. For Levels 2 and higher, the operating platform upon which the validation is applicable is also listed.

Darren Moffat, Oracle Solaris.

Back to top