标准摘要
[中文适用范围]: 本国际标准规定了在保护计算机和电信系统中敏感信息的安全系统中使用的加密模块的安全要求。 该国际标准为加密模块定义了四个安全级别,以提供广泛的数据敏感性(例如,低价值管理数据、百万美元资金转移和生命保护数据)和多样化的应用环境(例如,受保护的设施、办公室和完全不受保护的位置)。 为 10 个需求领域中的每一个领域指定了四个安全级别。 每个安全级别都比前一个级别提供更高的安全性。 虽然本国际标准中规定的安全要求旨在维护加密模块提供的安全性,但遵守本国际标准并不足以确保特定模块的安全或模块提供的安全性足以并可接受受保护信息的所有者。 [外文原描述]: ISO/IEC 19790:2006 specifies the security requirements for a cryptographic module utilized within a security system protecting sensitive information in computer and telecommunication systems. ISO/IEC 19790:2006 specifies the following. Four levels of increasing security for cryptographic modules. Each level offers an increase in security over the preceding level. The following functional security objectives:module specification;ports and interfaces;roles, services and authentication;finite state model;physical security; operational environment;cryptographic key management;self-tests; design assurance;mitigation of other attacks. ISO/IEC 19790:2006 will be complemented by a future International Standard defining the associated evaluation and test methods. ISO/IEC 19790:2006 is derived from NIST Federal Information Processing Standard PUB 140-2 May 25, 2001.
英文名称Information technology - Security techniques - Security requirements for cryptographic modules