FIPS 140-2

The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2), commonly referred as FIPS 140-2, is a US government computer security standard used to validate cryptographic modules. FIPS 140-2 was created by the NIST and, per the FISMA, is mandatory for US and Canadian government procurements. Many global organizations are also mandated to meet this standard. FIPS 140-2 compliance has been widely adopted around the world in both governmental and non-governmental sectors as a practical security benchmark and realistic best practice.

Entrust delivers security products that have been tested and validated against the rigorous FIPS 140-2 encryption compliance standard. Entrust FIPS 140-2 compliant products help you comply with regulations while also giving you the confidence you need in your cryptographic tools.

Présentation

Security Standard

According to FIPS Publication 140-2:

“[FIPS PUB 140-2] provides a standard that will be used by Federal organizations when these organizations specify that cryptographic-based security systems are to be used to provide protection for sensitive or valuable data. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. This standard specifies the security requirements that will be satisfied by a cryptographic module.

The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks.”

Certification Authorities

The US NIST (National Institute of Standards and Technology) and Canadian CSE (Communications Security Establishment) jointly participate as certification authorities in the CMVP (Cryptographic Module Validation Program) to provide validation of cryptographic modules to the FIPS 140-2 standard.

For more information, read our What is FIPS 140-2? FAQ page.

Compliance Overview

Entrust nShield HSM Support for FIPS 140-2 Security Standard

The Entrust nShield® family of hardware security modules (HSMs) conform to the FIPS 140-2 security standard. Entrust nShield HSMs, available in FIPS 140-2 Level 1, 2 and 3 models, provide secure solutions for generating encryption and signing keys, creating digital signatures, encrypting data and more in a variety of environments.

Product Compliance Detail

Please find a summary of nShield FIPS 140-2 and other certifications

Entrust nShield HSM FIPS 140-2 and Other Certifications

Ressources

Brochures: Entrust nShield HSM Family Brochure

Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.

Entrust nShield HSM Family Brochure

Datasheet: Entrust nShield Connect

Entrust nShield Connect HSMs are certified, networked appliances that deliver cryptographic key services to applications distributed across servers and virtual machines.

Entrust nShield Connect Datasheet

Datasheet: Entrust nShield Solo

Entrust nShield Solo HSMs are certified PCI-e card-based solutions that deliver cryptographic key services to applications hosted on individual servers and appliances.

Entrust nShield Solo Datasheet

Datasheet: Entrust nShield Edge HSMs

Entrust nShield Edge HSMs are USB-connected desktop devices that provide convenience and economy for environments requiring low-volume cryptographic key services.

Entrust nShield Edge Datasheet

Certificats numériques

Certificats numériques

Norme TLS/SSL

Avantage TLS/SSL

UC Multi-Domaine TLS/SSL

EV multidomaine TLS/SSL

TLS/SSL Wildcard

TLS/SSL privé

Certificats Qualified Electronic Seal Certificates

Certificats eIDAS QWAC

Certificats PSD2 QWAC

Services Platinum

Services de certificats Entrust

Plan d’abonnement

Signature numérique

Signature numérique

Serveurs de signature TrustedX

TrustedX eIDAS

Signatures électroniques TrustedX

Certificats de signature de documents

Certificats de messagerie sécurisée

Certificats de périphériques

Certificats de signature de code

Entrust Timestamping Authority

Infrastructure à clé publique (PKI)

Infrastructure à clé publique (PKI)

Plateforme de certificats

Security Manager

Entelligence Security Provider

Passeport électronique

Autorité de validation

Service PKI géré par Entrust

La cryptographie en tant que service

PKI gérée par Microsoft

Autorité de certification de racine gérée hors ligne

Centre d’excellence cryptographique

Sécurité de l’internet des objets (IoT)

Gestion des appareils mobiles BYOD

Produits

Identity as a Service

Identity Enterprise

Identity Essentials

Solutions

PSD2

PIV

Accès physique/logique

Protégez votre VPN

Utilisateurs privilégiés

Connexion au poste de travail

Sécurité et accès des entrepreneurs

Services bancaires aux consommateurs

Portails clients

Citoyen numérique

Intégration du numérique

Intégration CIAM

Violation des données

Améliorer l’expérience des utilisateurs

Support à divers groupes d’utilisateurs

Simplifier les technologies de l’information

Vérification des transactions

Capacités du portefeuille

Vérification de l’identité

Réputation des périphériques

Mise à disposition de périphériques sécurisés

Réinitialisation du mot de passe

Émission de Titres Sécurisés

Identifiants

Authentification mobile

Connexion sans mot de passe

Authentification flexible

Connexion unique

APIs/SDKs

Détection des fraudes

Produits

nShield Connect

nShield Edge

nShield Solo

nShield en tant que service

HSM nShield de personnalisation

CodeSafe