Development Consulting

FIPS140-2 Preliminary Planning

Review of existing product documentation.
  • Engineering specifications and design documents
  • Product manuals
Teleconferences with the product design team
Teleconferences with the testing laboratory (as required)
Preparation of a report encompasing:
  • Design issues which require addressing for FIPS140-2 validation
  • Implications on selection of FIPS140-2 validation levels
  • High-level design approach

FIPS140-2 Validation Package Preparation

Preparation of materials required for a FIPS140-2 validation.
  • Security Policy Drafting
  • Vendor Evidence Documentation Drafting
  • Algorithm Validation

Note: these activities require interaction with appropriate technical staff in the client engineering organisation.

FIPS140-2 Testing Laboratory Liason

Interface with the selected Testing Laboratory on behalf of the client.

FIPS140-2 Cryptographic Algorithm Validation Implementation

Assistance and/or implementation of cryptographic algorithm testing for specified algorithms. Includes assistance with review of required runtime tests which must be added to the client product.

FIPS140-2 Submission Package Review

Review of all submission material and assistance with updates to meet the current requirements of FIPS140-2.

FIPS140-2 Re-validation Preparation

For future product releases, revalidation can be straight forward or complicated depending on the nature of the changes to the cryptographic module since the previous release.

Smartcard Interfacing with Multi-Vendor Devices

Interfacing with the smartcard devices from a range of vendors on different platforms.

Smartcards and Embedded Platforms

Embedded platforms offer their own challenges when interfacing to smartcard systems as non-Win32 platforms often means interfacing directly at the APDU level.
  • Card-level Smartcard Interfaces
  • Vendor Smartcard Middleware Interfaces
  • Using Open Source Smartcard Middleware

Public Key Infrastructure Planning

Deployment of smartcard based systems usually involves the creation of X.509 based digital certificates and the associated public key infrastucture for deployment, operation, and lifecycle management.

Find out more …