Third Party Security Certifications

DBsign® has undergone rigorous testing and evaluation by independent third parties.

NIAP CCEVS Logo 150px

NIAP Common Criteria Validation. The Common Criteria is an internationally recognized set of security evaluation criteria that was developed by the National Security Agency (NSA). It replaces the older Trusted Computing Security Evaluation Criteria (TCSEC, aka, the “Rainbow Series”, or “Orange Book”). DoD directive 8500.1 mandates that all security products used in DoD be validated under the Common Criteria. DBsign® was the first and is still the only digital signature product to be NIAP Common Criteria Validated. DBsign® 4.0 is also the first and currently the only digital signature product to be validated against DoD's Protection Profile for Public Key Enabled Applications which outlines the security requirements for applications which use PKI technologies.

JITC Logo 150px

DoD Joint Interoperability Test Command PKE Interoperability Certification. DBsign® has been certified through JITC PKE interoperability validation multiple times, each time passing with zero defects. DoD JITC PKE certification ensures that DBsign® is fully interoperable with DoD's Public Key Infrastructure. A major component of JITC PKE testing is the NIST Public Key Infrastructure Test Suite (PKITS), which ensures that DBsign® correctly performs certificate path validation according to the relevant security standards.

FIPS 140-2 Validated Logo 150px

FIPS 140-2 Validated Cryptography. DBsign®, itself, is not a cryptographic module and as such cannot be directly validated under the FIPS 140 specification. However, DBsign can use a variety of cryptographic modules which HAVE been FIPS 140 validated, and the use of FIPS 140 validated modules is a requirement of both NIAP CCEVS and JITC PKE evaluation. Such modules include:

  • Microsoft CryptoAPI modules built into Windows,
  • Mac OS X cryptographic module,
  • Network Security Services (NSS, validated on multiple platforms including Windows, Apple OS X, Linux, Solaris),
  • PIV and CAC smart cards,
  • and others.