Case Study: OpenSSL 2012 Validation
INSTITUTE FOR DEFENSE ANALYSES ALEXANDRIA VA
Pagination or Media Count:
This is a case study of the Federal Information Processing Standards FIPS 140-2 validation of the OpenSSL FIPS Object Module that led to certificate 1747 initially awarded on June 27, 2012. This case study documents what happened during the validation, including identifying lessons learned for future projects. OpenSSL is a cryptographic library available through an open source software OSS license. The Defense Advanced Research Projects Agency DARPA provided funding for the evaluation of the OpenSSL FIPS module for two platforms in 2011 through 2012. Once DARPA committed to this initial funding, many other organizations both government and private joined the evaluation project by providing additional funding. Overall, this demonstrates that when organizations pool their resources, they can achieve far more than any one of them would have been willing to do on its own.
- Computer Programming and Software