|  Home  |  About COACT  |            COMMON CRITERIA   FIPS 140-2   Our Lab   Our Approach   Services   FIPS FAQ   Clients   Algorithms   CERTIFICATION (C&A)   SECURITY SERVICES FIPS 140-2 : Services   COACT offers the following services in support of your FIPS 140-2 validation: Pre-Validation Consulting Documentation of Evidence Evidence Development Algorithm Testing Validation Assistance Pre-Validation Consulting COACT provides a validation readiness assessment of the product prior to beginning the validation process. This assists the vendor in determining FIPS compliance of the product, the FIPS level to be attained, and the level of effort required to satisfy FIPS requirements. Pre-validation assessments can take many forms, depending on the vendor’s needs. They can range from a FIPS 140-2 instructional interview to a detailed gap analysis of the product and documentation requirements. COACT can arrange for both architectural design assistance and for documentation evidence development assistance. Pre-validation consulting helps to ensure a successful validation by identifying non-compliance issues before the validation process begins. This gives the vendor the flexibility in planning for the validation as well as keeping the vendor‘s validation related costs to a minimum. Documentation of Evidence If the evidence necessary for a FIPS 140-2 validation has not yet been compiled, COACT can assist you with this. COACT can arrange consulting services that begin in the design stage or at any later time to assist you to design with FIPS compliance in mind and to assist in the creation of design documentation necessary to produce the FIPS required documentation. Evidence Development There are standard evidence documentation requirements for a FIPS validation. COACT will explain the evidence requirements, and if you are not able to provide them, we can assist you in developing the appropriate evidence that your product requires. Evidence that COACT can assist develop include: Bills of material Description of module roles and services Description of lifecycle key management Finite state machine Non-proprietary security policy Physical security description Software and hardware descriptions Source code listing for crypto module FCC compliance certificates Vendor evidence DTR Algorithm Testing COACT tests your product to insure that algorithms are properly implemented in accordance with the FIPS 140-2 requirements. Our security engineers are familiar with a vast array of security products. We document the results of the tests and include them in the CMVP Submission Package. Validation Assistance The COACT team is your representative to the CMVP and we assist you to achieve your goals. We voice opinions on your behalf, conduct the appropriate testing, assemble the Submission Package. Once assembled, we submit all the required documentation to the CMVP. COACT interacts with CMVP on your behalf. We provide CMVP with responses to ancillary questions and resolve any discrepancies that may arise. Our goal is to help your product obtain a positive validation.   Contact Us  |  Sitemap  |  Privacy Statement  |  Copyright COACT, Inc. 2005. All rights reserved.