FIPS 140-2 Certification / TAA Compliance
- Why These Matter?

FIPS 140-2 Certification / TAA Compliance

Data security is essential for any organization or business such as governments, healthcare, military, research organizations, education, financial, small/medium/large enterprises, and individuals.

NIST (National Institute of Standards and Technology) and Canada’s CCCS (Canadian Centre for Cyber Security) collaboratively created FIPS 140-x standard to document cryptographic validation requirements for cryptographic module manufacturers. FIPS 140-2 requires the US government facilities and agencies only to use the cryptographic devices validated by FIPS 140-2 validation program.

TAA (Trade Agreements Act: 19 U.S.C. § 2501–2581) fosters fair international trade with certain designated countries.

It is required for US governmental facilities or device manufacturers to serve US governmental facilities to select properly validated cryptographic modules. There are several terms and approaches around FIPS 140-x, which sometimes confuse purchasers of FIPS products.

This white paper contains:

  • The Rising Importance of Data Security and Its Challenges
  • What is FIPS 140-2?
  • FIPS 140-2 Security Level
  • FIPS 140-2 Validation Program
  • FIPS Inside Approach for Equipment OEMs
  • What is TAA Compliance?
  • Why do FIPS 140-2 and TAA Compliance Matter?
  • Silex Technology’s Approach to FIPS 140-2 / TAA
  • Silex Technology’s FIPS Products
  • Why Silex Technology?