Open Standards Based Cryptographic Solutions
CESG Information Assurance Manuals T, V and Y set out standards for
configuration and use of the TLS, IPSec and WiFi WPA2 protocols, respectively,
to allow them to be used to protect up to and including RESTRICTED
HMG material. These standards are not intended as a replacement for
cryptographic solutions using Baseline Grade evaluated products but
may be appropriate for smaller requirements where flexibility is important
and a risk management decision has been taken not to use CAPS-approved
products.
The Manuals recommend that CESG should be consulted as early as
possible in the system design cycle to ensure that the network architecture
and supporting security functions are appropriate.
Solutions which employ Manual T, Manual V or Manual Y implementations
must be validated by CESG to confirm full compliance. Validation
work will be undertaken on a consultancy basis, and CESG CAMS should
be engaged early on in the project life cycle to ensure that validations
can be carried out in a timely manner, thereby minimising the impact
to project delivery.