Privilege Management for Unix and Linux FIPS 140-2 Compliance Statement
The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS 140-2) is a U.S. government computer security standard used to accredit cryptographic modules.
This document details the FIPS 140-2 approved third-party cryptographic modules used in BeyondTrust Privilege Management for Unix and Linux.
The compliance of Privilege Management for Unix and Linux with FIPS 140-2 is ensured by the use of exclusively FIPS 140-2 compliant, third party cryptographic algorithms, and using the algorithms as the only providers of cryptographic services as applicable for product operation.
Cryptographic algorithms are only used if High Security is enforced.
Third-Party Cryptographic Modules
|Product Area||Encryption||Library||Manufacturer, Version|
|All data encryption and network communications||
|FIPS compliant OpenSSL||OpenSSL, 1.0.2a|
|Binary file checksum and Authentication HASH for REST services||MD5||Source built into the product||Derived from Open Source code originally written by Colin Plumb 1993|