Yuan Xu, atsec information security; Di Li, Senior Consultant, atsec China The FIPS PUB 140-2 is used in designing and implementing cryptographic modules for U.S. Federal Government users. Year after year, the FIPS validation is attracting more and more vendors in mainland China. The number of FIPS certificates has increased dramatically since 2011. With the advantage of the multi-language environment and local support, atsec information security corporation has helped many Chinese vendors achieve FIPS certificates. We understand their motivation and need for FIPS validation, we know how to work with them effectively, we see the obstacles during validation, and we are willing to share this information with the audience.
Generally, this presentation will include the following three main parts.
1. Why are Chinese vendors interested in FIPS validation? We will explain their motivation and the marketing trends based on our keen sense of their interests.
2. What types of modules are Chinese vendors mostly interested in? We have done some research and found that the USB token, smart card and HSM are the most popular kind of modules that receive FIPS certificates in China. We will describe the background and explain the reason behind the market.
3. What are the obstacles to work with a Chinese vendor and how to overcome them? The language barrier and the time difference are the two main issues. We will give some examples that describe atsec’s strategy to work with Chinese vendors.