本文件提供了建议和检查表，可用于支持组织安全系统中的密码模块在其操作环境中的规范和操作测试。 加密模块具有ISO/IEC 19790定义的四个安全级别，以提供广泛的数据敏感性（例如，低值管理数据、百万美元资金转账、生命保护数据、个人身份信息和政府使用的敏感信息）和多种应用环境（例如，受保护的设施、办公室、可移动媒体和完全不受保护的位置）。 本文件包括: a） 对密码模块的安装、配置和操作进行安全评估的建议； b） 建议检查密钥管理系统、身份验证凭证的保护以及操作环境中的公共和关键安全参数； c） 识别密码模块漏洞的建议； d） 密码算法政策、安全指导和法规、安全管理要求、11个要求领域的安全级别、安全功能的强度等检查表。；和 e） 确定加密模块的部署是否满足组织安全要求的建议。 本文件假设加密模块已验证为符合ISO/IEC 19790。 如果需要，它可以与其他建议一起由操作测试人员使用。 本文档仅限于与加密模块相关的安全性。它不包括评估操作或应用程序环境的安全性。它没有定义识别、评估和接受组织运营风险的技术。 如图1所示，组织的认证、部署和运营流程不包括在本文件的范围内。 本文件涉及在其操作环境中对密码模块执行操作测试的操作测试人员，他们授权密码模块的官员。

This document provides recommendations and checklists which can be used to support the specification and operational testing of cryptographic modules in their operational environment within an organization's security system. The cryptographic modules have four security levels which ISO/IEC 19790 defines to provide for a wide spectrum of data sensitivity (e.g. low-value administrative data, million-dollar funds transfers, life-protecting data, personal identity information, and sensitive information used by government) and a diversity of application environments (e.g. a guarded facility, an office, removable media, and a completely unprotected location). This document includes: a) recommendations to perform secure assessing for cryptographic module installation, configuration and operation; b) recommendations to inspecting the key management system, protection of authentication credentials, and public and critical security parameters in the operational environment; c) recommendations for identifying cryptographic module vulnerabilities; d) checklists for the cryptographic algorithm policy, security guidance and regulation, security manage requirements, security level for each of the 11 requirement areas, the strength of the security function, etc.; and e) recommendations to determine that the cryptographic module's deployment satisfies the security requirements of the organization. This document assumes that the cryptographic module has been validated as conformant with ISO/IEC 19790. It can be used by an operational tester along with other recommendations if needed. This document is limited to the security related to the cryptographic module. It does not include assessing the security of the operational or application environment. It does not define techniques for the identification, assessment and acceptance of the organization's operational risk. The organization's accreditation, deployment and operation processes, shown in Figure 1, is not included to the scope of this document. This document addresses operational testers who perform the operational testing for the cryptographic modules in their operational environment authorizing officials of cryptographic modules.