Federal Information Processing Standard
노트
위키데이터
- ID : Q917824
말뭉치
- The FIPS 140-2 security requirements cover 11 areas related to the design and implementation of a cryptographic module.[1]
- “FIPS 140 Validated” means that the cryptographic module, or a product that embeds the module has been validated (“certified”) by the CMVP as meeting the FIPS 140-2 requirements.[1]
- If you are required to use cryptographic modules validated through FIPS 140-2, you need to verify that the version you use appears on the validation list.[1]
- This caveat informs the reader that required configuration and security rules must be followed to use the cryptographic module in a way that is consistent with its FIPS 140-2 security policy.[1]
- Windows has a hidden setting that will enable only government-certified “FIPS-compliant” encryption.[2]
- FIPS defines certain specific encryption methods that can be used, as well as methods for generating encryption keys.[2]
- “FIPS mode” doesn’t make Windows more secure.[2]
- It just blocks access to newer cryptography schemes that haven’t been FIPS-validated.[2]
- As geographers and data analysts we are interested in specific FIPS codes developed to assign ID tags for various geographic entities.[3]
- FIPS codes numbered 5-2 and 6-4 were originally published in the 1970s (as previous versions 5-1 and 6-3) and then updated in 1987 and 1990 respectively.[3]
- FIPS 5-2 issued a 2-digit numeric value for each U.S. state, the District of Columbia, outlying territories and other affiliated areas.[3]
- FIPS 6-4 issued a 3-digit numeric value identifying counties and equivalent subdivisions.[3]
- Codes: for instance, standards for encoding data (such as FIPS county codes or codes to indicate weather conditions or emergency indications).[4]
- In 1994 NOAA began broadcasting coded signals called FIPS codes along with their standard weather broadcasts from local stations.[4]
- Some examples of FIPS Codes for geographical areas include FIPS 10-4 for country codes or region codes and FIPS 5-2 for state codes.[4]
- FIPS 140-2 validation is mandatory for use in federal government departments that collect, store, transfer, share and disseminate sensitive but unclassified (SBU) information.[5]
- Anyone deploying systems into a U.S. federal SBU environment – and this includes cloud services – are required to comply with FIPS 140-2 certification.[5]
- In other words, the encryption associated with the computer systems, solutions and services used by federal government agencies must meet the minimum standards specified in FIPS PUB 140-2.[5]
- FIPS 140-2 has also become the de-facto standard for encryption beyond the federal government and is recognized as an important security standard outside the United States.[5]
- VMware has validated various cryptographic modules against the FIPS 140-2 standard.[6]
- The FIPS 140-2 standard specifies and validates the cryptographic and operational requirements for the modules within security systems that protect sensitive information.[6]
- The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java.[6]
- The Computer Security Act of 1987 contained a waiver process for FIPS; however, this Act was superseded by FISMA of 2002, which no longer allows this practice.[7]
- When industry standards become available the federal government will withdraw a FIPS.[7]
- FIPS are applied to the potential use case and align with the government data’s perceived value.[8]
- FIPS has been adopted as the de facto security standard by governments and regulated industries around the world, including the healthcare, financial and legal services sectors.[9]
- “The FIPS certification is the latest demonstration of Cloudian’s commitment to providing the most secure object storage platform on the market.[9]
- FIPS PUB 140-2 is a U.S. government computer security standard that is used to approve cryptographic modules and is published by the U.S. National Institute of Standards and Technologies (NIST).[9]
- Vendors can only earn a FIPS 140-2 certification after their software has undergone extensive testing and been independently validated by one of 13 NIST-specified laboratories.[9]
- It is recommended that you verify that the cryptography module used in the applications in your implementation have FIPS 140-1 or FIPS 140-2 certification.[10]
- The RSA BSAFE libraries used in Siebel Business Applications are FIPS 140-2 certified.[10]
- FIPS 201 is the technical standard that HSPD-12 required the National Institute of Standards and Technology (NIST) to develop.[11]
- FIPS 201 is entitled _Personal Identity Verification (PIV) for Federal Employees and Contractors.?[11]
- FIPS 201 was issued on February 27, 2005.[11]
- The first revision of FIPS 201-1 was finalized in June 2006.[11]
- For a list of FIPS prerequisites, see FIPS 140-2 Supported Platforms.[12]
- FIPS are compulsory and binding for federal agencies.[13]
- AWS is updating all AWS FIPS endpoints to a minimum Transport Layer Security (TLS) version of 1.2 across all AWS Regions, with a targeted completion date of March 31, 2021.[14]
- Once completed, these updates will revoke the ability to use TLS 1.0 and TLS 1.1 on all FIPS endpoints.[14]
- The FIPS endpoints for the AWS services listed below have been updated and require TLS 1.2 or higher.[14]
- For the secure protection of high-security information, Plasma Ruggedized Solutions offers Level 1-4 Federal Information Processing Standards (FIPS) compliance services.[15]
- Our FIPS capabilities will ensure that your hardware meets or exceeds FIPS compliance certification standards for physical security.[15]
- Plasma Ruggedized Solutions (PRS) is one of the industry’s highest-volume producers of FIPS-approved products.[15]
- Our FIPS capabilities will protect your products—and the data stored in them—from potential theft or information probing.[15]
- A FIPS standard is developed only when there are no voluntary standards in existence to address federal requirements.[16]
- These components use the security library directly and require the additional configuration option FIPS Mode Enabled to control their usage.[16]
- FIPS integrity verification is performed when the dracut-fips package is present on the system, regardless of whether the system operates in FIPS mode or not.[17]
- The FIPS 140 2 portion of the standards specifically deals with cryptographic modules.[18]
- All of the federal government departments that interact with sensitive unclassified information must be compliant to FIPS 140-2.[18]
- Each level in the FIPS 140 2 portion of the standards is specifically designed to be appropriate for a given type of task and working environment.[18]
- You may have seen the terms, ‘FIPS Compliant Encryption’, ‘FIPS 140 2 Validated Encryption’ or ‘FIPS 140 2 Certified Encryption’.[18]
- FIPS mandates a number of different types of security and auditing procedures that depend on the type of data being stored and protected.[19]
- FIPS works in tandem with other federal data security standards to fill in any compliance gaps or loopholes.[19]
- We have many clients who are using FIPS-compliant Abacus Private Cloud accounts.[19]
- The Uplogix Local Manager can be operated in a secure manner that complies with FIPS 140-2 for customers whose corporate security policy requires it.[20]
- To enable FIPS mode, the Local Manager must be running the -g version of LMS software.[20]
- ** ** unless the management server is also running in FIPS mode.[20]
- Of most interest to microwave backhaul users are two particular FIPS standards, FIPS 197 and FIPS 140-2.[21]
- FIPS 197 is straightforward enough: it provides the definition of the Advanced Encryption Standard (AES), which is the basis of so much of the security industry.[21]
- However, not all FIPS validations are created equal.[21]
- FIPS 140-2 that sets the standard for the Security Requirements for Cryptographic Modules has different levels of validation.[21]
- Typically, FIPS codes deal with US states and counties.[22]
- FIPS 140-2 is a standard first published in 2001 by the U.S. National Institute of Standards and Technology (NIST), a non-regulatory agency of the U.S. Department of Commerce.[23]
- The Canadian government also has policies requiring FIPS-validated software, and it cooperates with NIST in establishing FIPS standards.[23]
- FIPS includes standards regarding the formatting of location and personal identification information, encryption algorithms, key storage, and other data processing areas.[23]
- According to the FIPS specification, "allows the software and firmware components of a cryptographic module to be executed on a general purpose computing system using an unevaluated operating system.[23]
- A FIPS 140-2 validation certificate is issued for each validated module.[24]
- Cisco Unified Border Element is Common Criteria (CC) and The Federal Information Processing Standards (FIPS) certified.[25]
- FIPS 200 specifies the minimum security requirements for non-military federal information systems.[26]
- FIPS 200 addresses the specification of minimum security requirements for federal information and information systems.[26]
- FIPS 199 addresses the classification divides systems.[26]
- The Federal Information Processing Standards (FIPS) are standards published by NIST for use by the United States federal government and government contractors in relation to computer systems.[26]
- FIPS 140-2 is a statement that is titled "Security Requirements for Cryptographic Modules.[27]
- It is insufficient to use an algorithm just because it is listed on the approved lists in FIPS 140-2.[27]
- FIPS mode does not support Acrobat versions earlier than 7.0.[28]
- In general, when FIPS is enabled, the Assembler service does not apply password encryption to any document.[28]
- Additionally, the PDFsFromBookmarks element is not supported in FIPS mode when the base document is password-encrypted.[28]
- Definition - What does Federal Information Processing Standards (FIPS) mean?[29]
- We are very pleased to announce that we have received Federal Information Processing Standards (FIPS) Validation (CMVP Cert #3702) for the D2iQ Kubernetes Platform (DKP).[30]
- Many government agencies in the United States require Federal Information Processing Standards (FIPS) compliance or validation for deployed software.[30]
- D2iQ works with many U.S. government agencies and has a history of delivering FIPS compliant platforms as part of these partnerships.[30]
- Products can either be FIPS compliant or validated/certified.[30]
- FIPS 140-2 is the mandatory standard associated with encryption of unclassified information.[31]
- There are two basic approaches to achieving compliance with FIPS 140-2.[31]
- B, FIPS 140-2 Level 1 can be achieved by incorporating a software- based certified encryption module.[31]
- FIPS 140-2 Level 2 and above can be achieved by incorporating an embedded hardware based certified encryption module.[31]
소스
- ↑ 1.0 1.1 1.2 1.3 Federal Information Processing Standard (FIPS) Publication 140-2 - Microsoft Compliance
- ↑ 2.0 2.1 2.2 2.3 Why You Shouldn’t Enable “FIPS-compliant” Encryption on Windows
- ↑ 3.0 3.1 3.2 3.3 Tips on FIPS: A Quick Guide to Geographic Place Codes
- ↑ 4.0 4.1 4.2 Federal Information Processing Standards
- ↑ 5.0 5.1 5.2 5.3 FIPS 140-2 Overview & Compliance Requirements
- ↑ 6.0 6.1 6.2 Federal Information Processing Standards (FIPS) - VMware Security
- ↑ 7.0 7.1 Compliance FAQs: Federal Information Processing Standards (FIPS)
- ↑ Whats is the Federal Information Processing Standard (FIPS)?
- ↑ 9.0 9.1 9.2 9.3 Cloudian HyperStore Obtains Federal Information Processing Standard (FIPS) Security Certification
- ↑ 10.0 10.1 8.2: Federal Information Processing Standard (FIPS) 140
- ↑ 11.0 11.1 11.2 11.3 What is the Federal Information Processing Standard (FIPS) - 201?
- ↑ Federal Information Processing Standard
- ↑ Federal Information Processing Standards
- ↑ 14.0 14.1 14.2 Amazon Web Services (AWS)
- ↑ 15.0 15.1 15.2 15.3 Federal Information Processing Standards (FIPS) Capabilities & Compliance
- ↑ 16.0 16.1 Documentation:System:SDG:FIPS:8.5.x
- ↑ 10.2. Federal Information Processing Standard (FIPS) Red Hat Enterprise Linux 6
- ↑ 18.0 18.1 18.2 18.3 What is FIPS 140 2? Federal Information Processing Standards
- ↑ 19.0 19.1 19.2 Federal Information Processing Standards (FIPS)
- ↑ 20.0 20.1 20.2 Federal Information Processing Standard (FIPS) 140-2 Mode
- ↑ 21.0 21.1 21.2 21.3 Federal Information Processing Standards
- ↑ FAQ: What are FIPS codes?
- ↑ 23.0 23.1 23.2 23.3 What is FIPS (Federal Information Processing Standard)
- ↑ What is FIPS 140?
- ↑ Common Criteria (CC) and The Federal Information Processing Standards (FIPS) Compliance [Cisco Unified Border Element]
- ↑ 26.0 26.1 26.2 26.3 Minimum Security Requirements for Federal
- ↑ 27.0 27.1 Federal Information Processing Standards (FIPS)
- ↑ 28.0 28.1 28.2 Adobe LiveCycle ES3 * 6.1 Enabling Federal Information Processing Standard (FIPS)
- ↑ What are Federal Information Processing Standards (FIPS)?
- ↑ 30.0 30.1 30.2 30.3 Why We Care About FIPS (And You Should Too) UPDATE!
- ↑ 31.0 31.1 31.2 31.3 What is FIPS and Why Should You Care?
메타데이터
위키데이터
- ID : Q917824