Federal Information Processing Standards (FIPS) 140-2 is a U.S. standard for the security of cryptographic modules. It includes a broad set of security requirements covering everything from the physical security, cryptographic key management, roles and services, and cryptographic algorithm implementation that must be met before the cryptographic module can be approved as “validated”.
COMMERCIAL SOLUTIONS FOR CLASSIFIED PROGRAM (CSFC)
CSFC is a process that enables commercial products to be used in layered solutions to protect classified information while speeding up the deployment timeline so that a solution can be fielded in months, versus years. The program was designed to allow use of multiple unclassified COTS products instead of classified Type 1 Government accredited products to secure classified data.
DOD INFORMATION NETWORK APPROVED PRODUCT LIST (DODIN APL)
The DoDIN APL, maintained by the Defense Information Systems Agency (DISA), is a consolidated list of products that have been certified for use on Department of Defense networks. DoDIN APL certification effectively gives listed products DISA’s seal of approval and signifies the products have completed Cybersecurity (CS) and Interoperability (IO) certification.