The Role of Product Platforms in Information Security: Building on the Success of Cryptographic Modules (A31c)
The Cryptographic Module Validation Program has enjoyed considerable success and longevity since it was first launched in 1995. Cryptographic Modules are part of a larger class of lesser-known reusable components called Product Platforms. Product platforms are a method of developing reusable, scalable components on which systems are built. Using product platforms to provide reusable, scalable, security components is a method of cost-effectively addressing security requirements and issues during the system security life cycle. The growing need for cost-effective integrated security functionality aligns well with the advances of using Product Platforms to deliver repeatable, validated, information security.
This presentation will provide an overview of Product Platforms, their history and success stories. It will provide an overview of how they can be used to provide reusable information security building blocks to systems. The characteristics of FIPS 140-2 validated cryptomodules will be used to demonstrate how Product Platform components can be formally validated and used to implement approved security capabilities in an efficient, cost-effective manner.