跳转至主内容
图像
紫色六角图案

Help meet your needs for data security compliance with FIPS 140-2 and FIPS 140-3 certified products

The Federal Information Processing Standard (FIPS) Publication 140-3 (FIPS PUB 140-3), commonly referred as FIPS 140-3, is the latest version of the U.S. government computer security standard used to validate cryptographic modules. As of April 1, 2022, FIPS PUB 140-3 Security Requirements for Cryptographic Modules supersedes FIPS 140-2 for new submissions.

Products certified to FIPS 140-2 can remain valid for five years after validation. See NIST transition page for more details. FIPS 140-2 and 140-3 were created by the NIST and, per the FISMA, are mandatory for U.S. and Canadian government procurements. Many global organizations are also mandated to meet these standards. FIPS 140-2 and 140-3 compliance have been widely adopted around the world in both governmental and non-governmental sectors as a practical security benchmark and realistic best practice.

Entrust delivers security products that have been tested and validated against the rigorous FIPS 140-2 and 140-3* encryption compliance standard. Entrust FIPS 140-2 and 140-3* compliant products help you comply with regulations while also giving you the confidence you need in your cryptographic tools.

*Under evaluation

概述

安全标准

根据 FIPS 出版物 140-3:

“The selective application of technological and related procedural safeguards is an important responsibility of every federal organization in providing adequate security in its computer and telecommunication systems. This standard is applicable to all federal agencies that use cryptographic-based security systems to provide adequate information security for all agency operations and assets.”

“This standard shall be used in designing and implementing cryptographic modules that federal departments and agencies operate or are operated for them under contract. The standard provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments. The security requirements cover areas related to the secure design, implementation, and operation of a cryptographic module.”

These areas include:

  • 加密模块规范
  • cryptographic module interfaces
  • roles, services, and authentication
  • software/firmware security
  • 操作环境
  • 物理安全
  • non-invasive security
  • sensitive security parameter management
  • self-tests
  • life-cycle assurance
  • 减少其他攻击

Certificate Authority

美国 NIST(国家标准与技术研究所)和加拿大 CSE(通信安全机构)作为证书颁发机构共同参与了 CMVP(加密模块验证计划),为 FIPS 140-2 认证标准提供加密模块验证。

For more information, read our FAQ pages:
什么是 FIPS 140-2?
什么是 FIPS 140-3? 

合规性概述

Entrust nShield HSM Support for FIPS 140-2 and 140-3* Security Standard

Entrust nShield® 系列硬件安全模块 (HSM) 符合 FIPS 140-2 安全标准。 Entrust nShield HSMs – available in FIPS 140-2 Level 1, 2, and 3 models and, soon FIPS 140-3 Level 3* – provide secure solutions for generating encryption and signing keys, creating digital signatures, encrypting data, and more in a variety of environments.

*FIPS 140-3 certification is under evaluation

产品合规性详细信息

A summary of nShield FIPS 140-2, FIPS 140-3, Common Criteria, and other certifications.

Entrust Security Certification Reference Document

资源中心

手册: Entrust nShield HSM 系列手册

Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption, and more. Available in thee FIPS 140-2 certified form factors – and soon, two FIPS 140-3 form factors* – Entrust nShield HSMs support a variety of deployment scenarios.

*FIPS 140-3 certification is under evaluation

Entrust nShield HSM 系列手册

数据表: Entrust nShield 连接

Entrust nShield Connect HSM 是通过认证的联网设备,可为跨服务器和虚拟机分布的应用程序提供加密密钥服务。

Entrust nShield Connect Data Sheet

数据表: Entrust nShield Solo

Entrust nShield Solo HSM 是基于 PCI-e 卡的认证解决方案,能够为单个服务器和设备上托管的应用程序提供加密密钥服务。

Entrust nShield Solo Data Sheet

数据表: Entrust nShield Edge HSM

Entrust nShield Edge HSM 是 USB 连接的桌面设备,能够为需要少量加密密钥服务的环境提供便利性和经济性。

Entrust nShield Edge Data Sheet