Red Hat完成了FIPS 140-2认证
2013-04-23北卡罗来纳州,罗利 - Red Hat公司(纽约证券交易所:RHT),世界领先的开源解决方案的提供者,今天宣布完成了7个来自美国政府的国家标准与技术委员会(NIST:National Institute of Standards and Technology )的联邦信息处理标准(FIPS:Federal Information Processing Standard)140-2认证。这标志着Red Hat在美国政府的最大认证工作的完成。
信息安全官员的任务是对数据和信息系统维护更强的控制。美国联邦机构使用密码为基础的安全系统保护计算机、电信系统和其他IT相关产品中的敏感信息,这些机构必须使用经过FIPS-140认证的系统,从而满足这些安全要求。同样,FIPS 140-2验证在加拿大由国家机构要求,并且在欧洲和澳大利亚被广泛认可。
Red Hat公共部副总裁兼总经理Paul Smith说:“在处理高度敏感信息的同时,IT安全是我们的客户最关注的,特别是那些在联邦政府部门。完成这些FIPS 140-2的认证强化了Red Hat对满足这些实体的IT需要的承诺,并提供世界范围联邦机构所要求的必要的安全保护级别。
在HP ProLiant DL585和IBM BladeCenter(R)HS22服务器上的Red Hat Enterprise Linux 6.2已经完成了如下FIPS 140-2认证:
- 内核加密API密码模块(Kernel Crypto API Cryptographic Module)
- dm-crypt密码模块(dm-crypt Cryptographic Module)
- OpenSwan密码模块(OpenSwan Cryptographic Module)
- OpenSSH-Client密码模块(OpenSSH-Client Cryptographic Module)
- OpenSSH-Server密码模块(OpenSSH-Server Cryptographic Module)
- OpenSSL密码模块(OpenSSL Cryptographic Module)
- Libgcrypt密码模块(Libgcrypt Cryptographic Module)
商务部长(Secretary of Commerce)批准由NIST针对美国联邦计算机系统开发的标准和指导方针。NIST针对美国政府的强制要求,开发FIPS系列标准,例如针对安全性和互操作性,且没有其他可接受的标准或者解决方案。FIPS 140出版系列从针对硬件和软件的密码模块领域整合要求和标准,以实现FIPS 140-2验证,密码模块由独立的、被认可的测试机构进行严格的测试。
今天宣布的验证测试由atsec信息安全公司位于奥斯汀的密码和安全测试实验室执行。atsec是一家独立的在IT安全标准领域拥有长期经验的公司。
atsec评论:“祝贺Red Hat成功通过FIPS 140-2认证。Red Hat持续作为行业的领导者,不断增加完成FIPS 140-2密码模块验证的数量,这些模块进行定期更新、重新测试和重新验证符合FIPS 140-2标准;这些加密模块会应用在红帽的产品中。Red Hat的开发人员和管理团队展示了以最高的质量产品满足客户合规要求的持续承诺。他们通过独立审查、测试和验证,保证承诺的有效性。”
美国政府的国家标准与技术委员会(NIST)验证的FIPS 140-1和FIPS 140-2密码模块的完整列表,请访问http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm
关于红帽股份有限公司
Red Hat是世界领先的开源软件解决方案提供商,面向可靠且高性能的云、Linux、中间件、存储和虚拟化技术采用社区驱动的方法。Red Hat还提供一流的技术支持、培训和咨询服务。Red Hat作为全球化的发展的企业、合作伙伴和开源社区的连接枢纽,帮助创造相关和创新的技术,这些技术针对发展释放资源且针对IT未来进行客户准备。更多信息:http://www.redhat.com。
前瞻性声明(Forward-Looking Statements)(英文信息)
Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to delays or reductions in information technology spending the effects of industry consolidation the ability of the Company to compete effectively uncertainty and adverse results in litigation and related settlements the integration of acquisitions and the ability to market successfully acquired technologies and products the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property the ability to deliver and stimulate demand for new products and technological innovations on a timely basis risks related to data and information security vulnerabilities ineffective management of, and control over, the Company's growth and international operations fluctuations in exchange rates and changes in and a dependence on key personnel, as well as other factors contained in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission's website at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of this press release.
Red Hat, JBoss and the Shadowman logo are registered trademarks of Red Hat, Inc. in the U.S. and other countries. Linux is a registered trademark of Linus Torvalds.