An Introduction to FIPS 140-2 and Common Criteria
By John Morris, president and co-founder of Corsec Security
So you’ve heard about people talking about FIPS 140-2 and Common Criteria, but you can’t seem to get a comprehensive explanation of what these things are? Well, this short article attempts to do just that: explain what these programs really are, and what they mean in practical terms. We’ll try to cut through the jargon, and explore what it actually means in real life.
What are they?
FIPS 140-2 and Common Criteria are two security-product certification programs run by government. FIPS 140-2 says the cryptographic parts of a product must be done to the government’s satisfaction. Common Criteria (all the cool kids are saying “CC”) details a range of security related topics (like auditing, or software development practices) and what the government requires for different types of products.
There are 1197 words in the rest of this article …
Library Access Required
Library subscribers have access to the full archives of more than 10,000 original news items and feature articles published by AVISIAN’s suite of ID technology publications (ContactlessNews.com, CR80News.com, DigitalIDNews.com, FIPS201.com, NFCNews.com, RFIDNews.org, SecureIDNews.com, and ThirdFactor.com).
For just $99, you receive unlimited password-protected access to content on all of AVISIAN’s sites for an entire year. Your subscription helps fund the continued creation of independent, insightful content. Find out more.
Sign in as a Subscriber
If you are already a subscriber, you may sign in now. Enter your Email Address and Password and click Sign In.
If you have forgotten your password, enter just your Email Address, and click Send Password.
