What Does Critical Security Parameter Mean?
A critical security parameter (CSP) is data using a cryptography module to process encryption functions. Data includes passwords, security codes, cryptographic keys, personal identification numbers (PIN) and any other unprotected security information.
Established information security rules protect CSPs, which are only accessible from authorized computer systems. CSPs obtained by unauthorized users pose security threats.
Techopedia Explains Critical Security Parameter
The Federal Information Processing Standards (FIPS) 140 series are computer security specifications and requirements for cryptography modules. In May 2001, the most recent version was issued as FIPS 140-2.
FIPS 140-2 is comprised of four security levels, as follows:
- Level 1: Has limited cryptographic module security requirements but no physical security
- Level 2: Dictates physical security, e.g., tamper-resistant measures and plain text evidence for cryptographic keys and CSPs
- Level 3: Adds physical security to prevent CSP access within the cryptographic module, as well as CSP zeroization after opening the module
- Level 4: Provides the most robust cryptographic module security