RAI FIPS 140-2 Common Criteria Resources About RAI Contact

FIPS 140-2 Resources                                  Common Criteria Resources FIPS 140-2 (Federal Information Processing Standard) is the current standard of conformance for modules implementing cryptographic algorithms and security functions. Conformance is managed through the CMVP (Cryptographic Module Validation Program) under NIST's CSRC (Computer Security Resource Center). The FIPS 140-2 specification is the formal declaration of requirements for cryptographic modules. The Derived Test Requirements explain exactly what will be tested and what evaluators will check for in all evidence submitted for evaluation. Be sure to read the change notices at the back of the FIPS spec and the Derived Test Requirements documents. Independent testing laboratories perform conformance testing. NIST and its Canadian counterpart the Communications Security Establishment (CSE) recognize each other's evaluations. Validation lists identify validated products, certificates awarded to vendors for valid algorithm implementations, and a pre-validation list for cryptographic modules currently being evaluated. The NSTISSP 11 Fact Sheet explains the National Information Assurance Acquisition Policy that mandates federal agencies use evaluated products for systems handling information that is critical or essential to the conduct of organizational missions. Required evaluations may be FIPS or Common Criteria, or both as appropriate. Similar directives include DoD Instruction 8500.2 and DoD Directive 8100.2 on the use of evaluated wireless devices. Common Criteira Resources RAI || FIPS 140-2 || COMMON CRITERIA || RESOURCES || ABOUT RAI || CONTACT © 2005 Rosenberry Associates Inc. All rights reserved.