FIPS 140-2

The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2), commonly referred as FIPS 140-2, is a US government computer security standard used to validate cryptographic modules. FIPS 140-2 was created by the NIST and, per the FISMA, is mandatory for US and Canadian government procurements. Many global organizations are also mandated to meet this standard. FIPS 140-2 compliance has been widely adopted around the world in both governmental and non-governmental sectors as a practical security benchmark and realistic best practice.

Entrust delivers security products that have been tested and validated against the rigorous FIPS 140-2 encryption compliance standard. Entrust FIPS 140-2 compliant products help you comply with regulations while also giving you the confidence you need in your cryptographic tools.

Übersicht

Security Standard

According to FIPS Publication 140-2:

“[FIPS PUB 140-2] provides a standard that will be used by Federal organizations when these organizations specify that cryptographic-based security systems are to be used to provide protection for sensitive or valuable data. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. This standard specifies the security requirements that will be satisfied by a cryptographic module.

The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks.”

Certification Authorities

The US NIST (National Institute of Standards and Technology) and Canadian CSE (Communications Security Establishment) jointly participate as certification authorities in the CMVP (Cryptographic Module Validation Program) to provide validation of cryptographic modules to the FIPS 140-2 standard.

For more information, read our What is FIPS 140-2? FAQ page.

Compliance Overview

Entrust nShield HSM Support for FIPS 140-2 Security Standard

The Entrust nShield® family of hardware security modules (HSMs) conform to the FIPS 140-2 security standard. Entrust nShield HSMs, available in FIPS 140-2 Level 1, 2 and 3 models, provide secure solutions for generating encryption and signing keys, creating digital signatures, encrypting data and more in a variety of environments.

Product Compliance Detail

Please find a summary of nShield FIPS 140-2 and other certifications

Entrust nShield HSM FIPS 140-2 and Other Certifications

Ressourcen

Brochures: Entrust nShield HSM Family Brochure

Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.

Entrust nShield HSM Family Brochure

Datasheet: Entrust nShield Connect

Entrust nShield Connect HSMs are certified, networked appliances that deliver cryptographic key services to applications distributed across servers and virtual machines.

Entrust nShield Connect Datasheet

Datasheet: Entrust nShield Solo

Entrust nShield Solo HSMs are certified PCI-e card-based solutions that deliver cryptographic key services to applications hosted on individual servers and appliances.

Entrust nShield Solo Datasheet

Datasheet: Entrust nShield Edge HSMs

Entrust nShield Edge HSMs are USB-connected desktop devices that provide convenience and economy for environments requiring low-volume cryptographic key services.

Entrust nShield Edge Datasheet

Signaturzertifikate

Signaturzertifikate

Standard-TLS/SSL

Vorteil von TLS/SSL

UC Multi-Domain TLS/SSL

EV Multi-Domain TLS/SSL

Wildcard TLS/SSL

Private TLS/SSL

Qualifizierte elektronische Siegelzertifikate

QWAC eIDAS-Zertifikate

QWAC PSD2-Zertifikate

Platinum Services

Zertifizierungsdienste von Entrust

Lizenzmodel

Digitale Signatur

Digitale Signatur

TrustedX-Signaturserver

TrustedX eIDAS

TrustedX Elektronische Signaturen

Signaturzertifikate für Dokumente

Sichere E-Mail-Zertifikate

Gerätezertifikate

Signaturzertifikate für Quellcodes

Entrust Timestamping Authority

Public-Key-Infrastruktur

Public-Key-Infrastruktur

Certificate Hub

Sicherheitsmanager

Anbieter von Entelligence-Sicherheit

E-Reisepass

Validierungsautorität

Managed PKI-Dienst von Entrust

Cryptography-as-a-Service

Microsoft Managed PKI

Managed Offline Root Certificate Authority

Kryptographisches Exzellenzzentrum

Internet der Dinge (IoT)

Verwaltung mobiler Geräte BYOD

Produkte

Identity as a Service

Identity Enterprise

Identity Essentials

Lösungen

PSD2

PIV

Physischer/logischer Zugriff

Sichern Ihrer VPN

Privilegierte Benutzer

Arbeitsplatz-Anmeldung

Sicherheit und Zugriff für Auftragnehmer

Privatkundengeschäft

Kundenportale

Digitaler Bürger

Digitales Onboarding

CIAM-Integration

Datenpanne

Benutzererfahrung verbessern

Verschiedene Benutzergruppen unterstützen

IT rationalisieren

Transaktionsüberprüfung

Portfoliofunktionen

ID-Prüfung

Gerätereputation

Sichere Gerätebereitstellung

Passwortzurücksetzung

Ausgabe von Anmeldedaten

Authentifikatoren

Mobile Authentifizierung

Passwortloser Login

Adaptive Authentication

Single-Sign-On

APIs/SDKs

Betrugserkennung

Produkte

nShield Connect

nShield Edge

nShield Solo

nShield as a Service

nShield Produktions HSM

CodeSafe