Federal Information Processing Standard (FIPS) 140

FIPS 140 - Federal Information Processing Standard (FIPS) 140, titled "Security Requirements for Cryptographic Modules" is in its second revision. FIPS 140-2 was signed on 22nd June 2001, superseding FIPS 140-1.

"Cryptographic module" is a generic term that refers to code, in software or firmware, that performs one or more security functions. The Standard sets requirements for cryptographic modules to be used in sensitive but non-classified government systems. The requirements are leveled from level one, lowest, to level four, highest; to be appropriate for use in situations with varying needs for the protection of information. Cryptographic modules that are approved for use in classified systems may be substituted as they would generally have even more security features. A cryptographic module may be sold separately for use in applications or it may be sold as part of an application or hardware system, but it's the module itself that's scrutinized against these requirements in eleven areas related to the secure design and implementation of the module.

The NIST Cryptographic Module Validation (CMV) Program, announced in July, 1995, validates cryptographic modules against the requirements in FIPS 140.

[Category=Geospatial ]

Source: RSA, 15 August 2011 09:41:56, http://www.rsa.com/glossary/