Hypersecu once again has increased their product security offering now announcing the flagship PKI token HYP2003 is now FIPS 140-2 Level 3 certified. The new level of certification opens doors for projects worldwide the require FIPS 140-2 Level 3 certification that may be regulated by local policies, regulations and common practice policies to offer a higher level of security. HYP2003 is a popular choice for two factor authentication, smart card logon, encryption, email encryption, document signing and authentication worldwide sold in over 50 countries due to it's compatibility, excellent support and market leading competitive pricing.
NIST (National Institute of Standards and Technology) states the applicability of "FIPS 140-2 to all Federal agencies that use cryptographic-
NIST (National Institute of Standards and Technology) states applications of usage could be “Cryptographic-
Below is an explanation of FIPS 140-2 Level 3 Certification from NIST, please visit their site for more information http://csrc.nist.gov/
“In addition to the tamper-evident physical security mechanisms required at Security Level 2, Security Level 3 attempts to prevent the intruder from gaining access to CSPs held within the cryptographic module. Physical security mechanisms required at Security Level 3 are intended to have a high probability of detecting and responding to attempts at physical access, use or modification of the cryptographic module. The physical security mechanisms may include the use of strong enclosures and tamper detection/response circuitry that zeroizes all plaintext CSPs when the removable covers/doors of the cryptographic module are opened.
Security Level 3 requires identity-based authentication mechanisms, enhancing the security provided by the role-based authentication mechanisms specified for Security Level 2. A cryptographic module authenticates the identity of an operator and verifies that the identified operator is authorized to assume a specific role and perform a corresponding set of services.
Security Level 3 requires the entry or output of plaintext CSPs (including the entry or output of plaintext CSPs using split knowledge procedures) be performed using ports that are physically separated from other ports, or interfaces that are logically separated using a trusted path from other interfaces. Plaintext CSPs may be entered into or output from the cryptographic module in encrypted form (in which case they may travel through enclosing or intervening systems).
Security Level 3 allows the software and firmware components of a cryptographic module to be executed on a general purpose computing system using an operating system that
• meets the functional requirements specified in the PPs listed in Annex B with the additional functional requirement of a Trusted Path (FTP_TRP.1) and
• is evaluated at the CC evaluation assurance level EAL3 (or higher) with the additional assurance requirement of an Informal Target of Evaluation (TOE) Security Policy Model (ADV_SPM.1).
An equivalent evaluated trusted operating system may be used. The implementation of a trusted path protects plaintext CSPs and the software and firmware components of the cryptographic module from other untrusted software or firmware that may be executing on the system”
For more information on the HYP2003 PKI token and how to test it today please contact Gregory Dunn at firstname.lastname@example.org
Hypersecu Information Systems, incorporated in British Columbia, Canada, is an innovative information security solution provider, dedicated to strong authentication and user identification technology. Hypersecu delivers state-of-the-
Follow Hypersecu on Linkedin, Twitter, Facebook and Youtube