Under the hood of FIPS 140-2 Validations
Atmel Achieves World First with Industry’s First Flash Smart Card IC Certification to Common Criteria EAL4+
By John Morris, president and co-founder of Corsec Security
So you’ve heard about people talking about FIPS 140-2 and Common Criteria, but you can’t seem to get a comprehensive explanation of what these things are? Well, this short article attempts to do just that: explain what these programs really are, and what they mean in practical terms. We’ll try to cut through the jargon, and explore what it actually means in real life.
What are they?
FIPS 140-2 and Common Criteria are two security-product certification programs run by government. FIPS 140-2 says the cryptographic parts of a product must be done to the government’s satisfaction. Common Criteria (all the cool kids are saying “CC”) details a range of security related topics (like auditing, or software development practices) and what the government requires for different types of products.
This rest of this article is only available to subscribers.
Subscribe or sign in to access this and other articles more than than sixty days old.
  |  |
