Definition

Federal Information Processing Standardization 140

Part of the Security management glossary:

Federal Information Processing Standardization 140 is a standard that specifies security requirements for cryptographic modules used by the U.S. government. Federal Information Processing Standardization 140-2 accreditation is required for any cryptography product sold by a private sector company to the U.S. government.

Next Steps

The United States National Institute of Standards and Technology (NIST) develops and issues Federal Information Processing Standardizations (FIPSs) when adequate industry standards do not already exist to ensure that products conform to security requirements. Publication series 140 specifically applies to cryptography modules. The current version of the 140 series is FIPS 140-2.

FIPS 140-2, issued by NIST in 2001, qualitatively specifies security requirements for cryptographic modules in four increasingly severe levels intended to cover the wide range of potential applications and environments in which cryptographic modules might be employed by the government:

Level 1 – The lowest level of security. Requires at least one approved algorithm but no physical security

Level 2 – Requires role-based authentication and some physical security

Level 3 – Requires identity-based authentication and tighter physical security

Level 4 – Highest level of physical security, intended to provide a “complete envelope of protection” around the module

The FIPS 140 requirement is applicable to all U.S. government departments and agencies that use cryptographic-based security systems to protect sensitive but unclassified information, including any organizations selling products to U.S. and Canadian government agencies.

Learn more:

How to verify 140-2 (FIPS 140-2) compliance

USB thumb drive security best practices spelled out by NIST.

This was last updated in June 2010
Posted by: Margaret Rouse

Related Terms

Definitions

  • virtual NAS

    - Virtual NAS is a virtual machine (VM) that acts as a file server for network-attached storage (NAS). In this context, NAS is a dedicated medium with a unique address that provides data storage serv... (WhatIs.com)

  • erasure coding

    - Erasure coding (EC) is a method of data protection in which data is broken into fragments, expanded and encoded with redundant data pieces, and stored across a set of different locations, such as d... (SearchStorage.com)

  • DCPromo (Domain Controller Promoter)

    - DCPromo (Domain Controller Promoter) is a tool in Active Directory that installs and removes Active Directory Domain Services and promotes domain controllers. (SearchWindowsServer.com)

Glossaries

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Government IT

    - Terms related to government IT, including definitions about specific federal, state and local government programs as well as words and phrases about policy and compliance.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Dig Deeper

People Who Read This Also Read...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top