FIPS140-2 High Level Overview and Tutorial
One day tutorial session covering the most important aspects of FIPS140-2
cryptographic module validation.
The course includes an outline of the Cryptographic Module Validation Program (CMVP) and the interactions between the various parties involved in module validation. It contains an overview of the requirements which must be met in order to attain validation in each of the 14 areas that are part of the derived test requirements. Examples of realistic validation documentation are used throughout the course. The specific approaches for passing the algorithm validation suite in the Cryptographic Algorithm Validation Suite (CAVS) are covered.
FIPS140-2 Requirements Analysis
Typically this service is provided after the engineering team has
completed the FIPS140-2 High Level Overview and Tutorial.
This one day workshop involves discussion with technical staff as to approaches for validation of your existing or planned modules. A high level review of key items which may require design changes and identification of typical problem areas for existing module validation will be performed. There is no formal report produced as part of this interactive workshop. If a more formal and more in depth approach is required then one of the Development Consulting packages is more appropriate.
Smartcard Technologies and Concepts
An overview of the various technologies used in smartcard systems and
the associated infrastructure components needed to interact with and
effectively deploy smartcard systems.
This two hour workshop provides an overview for developers who are getting started with smartcard systems and need a framework for understanding the various technologies. It includes an overview of the various ISO-7816 standards, USB CCID, PC/SC, PKCS#15, Javacard, PKCS#11, CryptoAPI, CAC, OCF, PIV and how each of these are important and interact in the deployment of smartcard based systems.
Public Key Infrastructure (PKI) Fundamentals
An overview of the technologies used in PKI systems and
strategies needed to interact with and effectively deploy systems
dependant on PKI .
If the presentation is for a Queensland audience then the topic of the Queensland Government PKI Framework will be included.
If the presentation is for a Australian audience then the topic of the Federal Government Gatekeeper Framework will be included. Specific topics include:
- Certificate Policies
- Certification Practice Statements
- Audit Requirements
Authentication and Authorisation (AA) Fundamentals
An overview of the technologies and approaches available for
authentication and authorisation in a multi-vendor environment.
- Standards and Technologies
- Vendor Product Integration
Note: A copy of the presentation materials for limited in-house use are provided. These materials may be used only by the project team involved in the planned validation and are not for general company use.
Find out more …