ISO/IEC 19790:2006 PDF

Scope: This International Standard specifies the security requirements for a cryptographic module utilized within a security system protecting sensitive information in computer and telecommunication systems. This International Standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g., low value administrative data, million dollar funds transfers, and life protecting data) and a diversity of application environments (e.g., a guarded facility, an office, and a completely unprotected location). Four security levels are specified for each of 10 requirement areas. Each security level offers an increase in security over the preceding level. While the security requirements specified in this International Standard are intended to maintain the security provided by a cryptographic module, compliance to this International Standard is not sufficient to ensure that a particular module is secure or that the security provided by the module is sufficient and acceptable to the owner of the information that is being protected.

ISO/IEC 19790:2006 history

2015 ISO/IEC 19790:2012/Cor 1:2015 Information technology.Security technology.Security requirements for cryptographic modulesTechnical corrigendum 1
2012 ISO/IEC 19790:2012 Information technology - Security techniques - Security requirements for cryptographic modules
2008 ISO/IEC 19790:2006/Cor 1:2008 Information technology - Security techniques - Security requirements for cryptographic modules; Technical Corrigendum 1
2006 ISO/IEC 19790:2006 Information technology - Security techniques - Security requirements for cryptographic modules