Page 29

HSM_for_Dummies

HSM for Dummies tion of defined security criteria is attained, depending on the degree of security necessary and the quality tests required. The ISO/IEC 19790 standard is essentially a reworking of the national U.S. standard ‘Federal Information Processing Standard Publication (FIPS PUB) 140-2: Security requirements for cryptographic modules’. This ISO will represent a broader foundation in upcoming FIPS 140 definitions. Figure 4.1: CMVP website The CMVP website has all information you could want on FIPS 140; see http://csrc.nist.gov/groups/STM/cmvp/index.html. The ‘Module Validation Lists’ section has an overview of certified devices sorted by manufacturer. The ‘Modules in Process’ section contains all manufacturers whose modules are currently under evaluation. 28


HSM_for_Dummies
To see the actual publication please follow the link above