FIPS 140-2 2006-08-29 Data Federal Information Processing Standards Publication 140-2 documents a standard to be used by Federal organizations in cryptographic-based security systems used to provide protection for sensitive or valuable data. The selective application of technological and related procedural safeguards is an important responsibility of every Federal organization in providing adequate security in its computer and telecommunication systems. Protection of a cryptographic module within a security system is necessary to maintain the confidentiality and integrity of the information protected by the module. This standard specifies the security requirements that will be satisfied by a cryptographic module. The standard provides four increasing, qualitative levels of security intended to cover a wide range of potential applications and environments. The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include cryptographic module specification; cryptographic module ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self-tests; design assurance; and mitigation of other attacks. For additional information see http://csrc.nist.gov/cryptval/140-2.htm Records Management Component Framework Security Supporting Security Services FIPS 140-2