This content has been marked as final. Show 3 replies
If you want to comply with FIPS, you should see following documents:
Also pay attention to this (from http://docs.oracle.com/cd/E14072_01/network.112/e10746/asointro.htm#i1008266)
Oracle Advanced Security Release 8.1.6 has been validated under U.S. Federal Information Processing Standard 140-1 (FIPS) at the Level 2 security level. This provides independent confirmation that Oracle Advanced Security conforms to federal government standards. FIPS 140-1 related configuration settings are described in Appendix D, "Oracle Advanced Security FIPS 140-1 Settings".
The cryptographic libraries for SSL included in Oracle Database 10g have been validated under FIPS 140-2 at the Level 2 security level. FIPS 140-2 related configuration settings are described in Appendix E, "Oracle Advanced Security FIPS 140-2 Settings".
Right, I understand 10G is FIPS 140-2 compliant, but 11G and Advanced Security does not have any documentation supporting that.
Additionally, the 11G Administrators Manual specifically states 10G is FIPS 140-2 compliant, and continues to state how to configure 10G, and not mention 11g or Advanced Security.
978753 wrote:Three different id's posting essentially the same question:
Anybody have documentation supporting Oracle 11G and Advanced Security stating encryption at rest is FIPS 140-2 compliant?
Connection/Network encryption in Oracle Standard Edition 11gR2
Oracle 11G and Advanced Security FIPS 140-2 Compliant encrypt data at rest
Maybe you guys should be talking to each other. Or are you really the same guy?