IBM Receives Top Honors for Security Products
Gaithersburg, MD (October 18, 1999) – The U.S. government’s National Institute of Standards and Technology (NIST) today added the IBM S/390 CMOS Cryptographic Coprocessor and the IBM 4758 PCI Cryptographic Coprocessor to its Cryptographic Modules Validation list. The two industry-leading IBM security products were formally recognized at the 22nd National Information System’s Security Conference awards ceremony in Gathersburg, Maryland.
“IBM has continually shown leadership in security,” said Linda Distel, program director, IBM S/390 security. “This formal U.S. government recognition once again underscores to our customers that IBM offers world-class security for e-business.”
Both the IBM 4758 PCI Cryptographic Coprocessor and the S/390 CMOS Cryptographic Coprocessor were awarded a Level 4 certification, the U.S. government’s highest certification for commercial security in late 1998 and early 1999, respectively. These IBM security devices are the only Cryptographic Coprocessors that have been awarded this level of validation. Granted by the U.S. Department of Commerce’s NIST organization, this security certification is known as the Federal Information Processing Standard (FIPS) 140-1. FIPS 140-1 certification requires an independent, accredited laboratory to perform rigorous testing and thorough security evaluations on behalf of NIST.
The S/390 CMOS Cryptographic Coprocessor is a specialized, hardware cryptographic chip that allows S/390 Parallel Enterprise servers to execute both symmetric key and public-key algorithms for highly secure electronic commerce. The Cryptographic Coprocessor facility performs all cryptographic functions entirely in hardware, within a physically secure boundary. It contains neither software nor micro-code making it virtually tamper-resistant to hackers. When used in combination with OS/390’s security features, it provides an even higher degree of security than software alone.
The IBM 4758 PCI Cryptographic Coprocessor is a state-of-the-art, tamper-responding, programmable PCI card. Its specialized cryptographic electronics, a micro-processor, memory, and random number generator are housed within a tamper-responding environment to provide a highly secure subsystem in which data processing and cryptography can be performed.
Source: IBM