• The Federal Information Processing Standards (FIPS) 140-2 validation scheme for cryptographic modules is jointly administered by the US National Institute of Standards and Technology (NIST) and the Canadian Communications Security Establishment (CSE).Testing is performed by certified independent test laboratories with validation ultimately being approved by NIST.
• The FIPS 140-2 scheme applies to a range of cryptographic devices including key managers and hardware security modules (HSMs) and supports multiple levels of validation that range from purely software based systems (Level 1) to fully hardened tamper resistant and tamper responsive systems that deliver significantly higher levels of assurance.
• Thales keyAuthority is a standards-based key management solution with a tamper resistant and tamper evident chassis that provides protection and policy based automation for the entire key management lifecycle ranging from key generation, key distribution, key archival and ultimately key destruction. Key Authority can support up to 25 million keys used by thousands of cryptographic devices.
• keyAuthority includes support for legacy key management protocols and is the only security hardened solution that supports IBM tape and disk encryption via its native TKLM (Tivoli Key Lifecycle Manager) capability.
Brocade encryption-enabled SAN switches are also supported.
Richard Moulds, vice president, strategy, Thales e-Security, says: "Key management systems protect the keys to the kingdom and therefore become one of the most attractive targets for attackers inside and outside the organization. Our customers recognize the need to deploy systems with enhanced levels of security but quantifying that requirement is notoriously difficult, FIPS 140-2 Level 3 provides a convenient and yet meaningful benchmark. It's easy for vendors to make security claims about their products and therefore this validation of keyAuthority by NIST gives our customers the confidence that they need in order to trust our products with their most valuable digital assets, today and into the future."
• Thales keyAuthority
• Thales e-Security product certifications:
• NIST: http://www.nist.gov/index.html
For industry insight and views on the latest key management trends check out our blogs www.thales-esecurity.com/blogs
Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube
About Thales e-Security
Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology, manufacturing, government and technology sectors. With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and secure more than 80% of worldwide payment transactions. Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com
Thales is a global technology leader for the defence & security and the aerospace & transport markets. In 2011 the company generated revenues of €13 billion with 67,000 employees in 56 countries. With its 22,500 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners.