Table of Contents
22nd National Information Systems Security Conference
Topics Addressed
Motivators for FIPS 140-1
Motivators for the FIPS 140-1 process
Standards
FIPS 140-1 Objectives
Intent of FIPS 140-1
Business Aspects
Specific Objectives
Applicability of FIPS 140-1
FIPS 140-1 Security Levels
FIPS 140-1 Levels
FIPS 140-1 Certifications
Certifications by Level
Certification Level vs Time
Physical Configuration
Laboratory’s Role
Assurance Through A Structured Development Process
FIPS 140-1 Structured Design Process
Benefits of Structured Design Process
Benefits of Structured Design Process
Module Boundary
Crypto Boundary Exclusions
Security Policy
Module Interfaces
Required Roles
Other Roles
Required Services
FIPS 140-1 Optional Services
Identification and Authentication
Finite State Machine Model
Physical Security
Single Chip Requirements
Multiple Chip Embedded
Multi-Chip Stand-Alone
Software
Operating System
Key Management
Cryptographic Algorithms
EMI / EMC
Required Self-Test
Self-Test Failure
Documentation
Documentation Control
Validation Process
When to Start
The FIPS 140-1 Validation Process
Validation Process Steps
Validation Process Steps
Validation Process Steps
Validation Process Steps
Certification
Changes to Certified Products
PPT Slide
New and future standards
FIPS 140-2
Common Criteria
Common Criteria vs FIPS 140-1