4th CACR Information Security Workshop
Les Biggs, InfoGard
FIPS 140-1(2) and its Role in Information Security Strategies
The philosophy and motivation behind the establishment of the FIPS 140
standard emphasizes its value in today's information age. More than a
methodology, FIPS 140 validation is a specification based on well
established standards addressing security requirements over a wide
spectrum of data sensitivities. We will give an overview of the standard,
its objectives and methodologies, as well as the Validation Program
designed to carry out those objectives. With the recent approval of the
Common Criteria Standard, the roles of the two programs in the commercial
world and how they will benefit each other is a natural topic
and will be explored. The value of the role played by the third party
laboratory in these processes will also be highlighted.
Les Biggs is vice president and co-founder of InfoGard Laboratories.
Les has 30 years of experience in information security issues as well
as security product design and manufacturing. In the late 1980's Les
began his participation in the development of the FIPS 140-1 cryptographic
implementation standard. Subsequently he formed InfoGard laboratories,
the first NIST accredited cryptographic laboratory, to validate designs
to that standard.