Introduction —
COTS and Security —
A Solid Foundation —
FIPS 140-2 —
FIPS 140-2 Validation —
Market Entry Barriers and Issues —
Conclusion
[+]
Introduction
Of the many and diverse components that make up today’s software systems, two are most important for the system’s security: an OS that meets strict safety requirements for dependability, and a FIPS-validated cryptography module ...
COTS and Security
Like other organizations, government agencies would like to be able to use commercial off-the shelf (COTS) products in order to take advantage of the expertise and cost savings offered by competitive vendors. To be eligible for use ...
A Solid Foundation
A fundamental requirement of any secure system is that it run on a dependable OS. Building a secure system on an OS that cannot provide dependability guarantees is very much like building a bank vault with a dirt floor. Someone will eventually ...
FIPS 140-2
In the U.S., requirements for government security are regulated by FIPS publications. NIST develops these publications for use across all government agencies. It develops and issues new FIPS publications ...
FIPS 140-2 Validation
For most vendors, there are two levels of FIPS validation. The first level validates the encryption techniques used by specific algorithms, such as those referred to in FIPS 186-2 and FIPS 197. These algorithms ...
Market Entry Barriers and Issues
While the government market is attractive and lucrative, for many vendors the FIPS validation process represents a significant barrier to entry. The choices available to vendors hoping to sell to government agencies ...
Conclusion
Given the barriers and the benefits associated with developing a FIPS-validated product, finding a reliable FIPS implementation that will get the product to market quickly and with the least amount of risk can mean ...