Security Assurance
Security assurance has to do with how much confidence an organization can place in the proper and secure operation of the PKI components. There are a number of criteria that can be used to gauge the level of confidence that should be associated with a given product, and there are likely to be specific certification or accreditation programs that can help determine this confidence level in a formal manner. For example, the "Federal Information Processing Standards Publication 140-1" [FIPS140-1] establishes criteria for evaluating cryptographic modules, and there are independent laboratories approved to perform FIPS 140-1 evaluations. Other criteria and evaluation procedures are available, including government- and industry-sponsored ...
Get Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
