Choosing Security Solutions That Use Public Key Technology |
Windows 2000 supports FIPS
The FIPS
NIST certifies modules that are FIPS
All Windows 2000 cryptographic service providers (CSPs) are FIPS 140-1 Level 1 compliant for use by organizations that require FIPS
The FORTEZZA Crypto Cards are Personal Computer Memory Card International Association (PCMCIA) cards developed by the National Security Agency. They are tamper-resistant, hardware-based security tokens that provide cryptographic services such as data confidentiality, user authentication, and data integrity. The way FORTEZZA Crypto Cards function is similar to the way that smart cards and smart card readers function, but FORTEZZA Crypto Cards have more memory and more powerful processors, and they implement the cryptographic algorithms that were chosen for the Defense Message System of the United States Department of Defense.
Like smart cards, FORTEZZA Crypto Cards can be used for secure mail and secure Web communications. FORTEZZA Crypto Cards are usually used to protect sensitive but unclassified information. However, enhanced versions of FORTEZZA Crypto Cards are also available to protect classified information.
Microsoft supports FORTEZZA Crypto Cards for secure mail by using the Defense Message System–compliant versions of Exchange Server and the Outlook 98 messaging and collaboration client. Windows 2000, Internet Explorer, and Internet Information Services also support FORTEZZA Crypto Cards for secure Web communications.
FORTEZZA Crypto Cards require the installation of PCMCIA interfaces on desktop computers and are much more expensive to deploy than industry-standard smart cards and smart card readers. Smart cards provide nearly the same level of security as FORTEZZA Crypto Cards, but for much less cost. Therefore, some United States government agencies are deploying industry-standard smart cards to provide strong security for mail and Web communication as well as interoperability with industry-standard public key information security and messaging systems. For example, the United States Department of Defense has proposed two components of their public key infrastructure — a FORTEZZA-based High Assurance Messaging System and a smart card–based Medium Assurance Messaging System.
High Assurance Messaging Systems use expensive FORTEZZA Crypto Cards and FIPS
Medium Assurance Messaging Systems use inexpensive, industry-standard smart cards and public key infrastructure to provide medium-level information security. Moreover, non-Department of Defense organizations can conduct secure communications with Department of Defense agencies by using industry standard messaging and information security systems, without the need to invest in expensive FORTEZZA technology.
FORTEZZA Crypto Cards are available from a variety of National Security Agency–approved vendors. For more information about FORTEZZA Crypto Cards, contact the card vendors.