earticle

영어

A various types of cryptographic modules are utilized within a security system protecting sensitive information in computer and telecommunication systems. The approved authorities as like KCMVP, CMVP, JCMVP validate various types of cryptographic modules and assure the security of the module. When the cryptographic module is utilized in a diversity of application environments, it needs the professional technology to choice the cryptographic module which is proper to the application environments. Therefor if the information system owner acquires the cryptographic module to operate the information system safely, it is necessary to authorize the module through the authorization process. This paper proposes accreditation process to authorize cryptographic module when information system owner acquires a cryptographic module which was validated by the approved authority. The cryptographic module is claimed by ISO/IEC 19790 and ISO/IEC 247859. The authorization process and accreditation method which is proposed by this paper is useful when the system owner approves the cryptographic module to operate in the information system