Product Documentation

FIPS Compliance

Mar 12, 2014

The Federal Information Processing Standard (FIPS), issued by the US National Institute of Standards and Technologies (NIST), specifies the security requirements for a cryptographic module used in a security system. All references to FIPS 140 are directed to FIPS 140-2, the second version of this standard.

All data-at-rest encryptions on iOS are using FIPS-certified cryptographic modules provided by the OpenSSL FIPS Object Module (FIPS 140-2 Cert#1747) and the Apple iOS CoreCrypto Module (FIPS 140-2 Cert#1964, #2020).

Citrix MDX Vault components including Worx Apps are encrypted using FIPS-certified cryptographic modules on both iOS and Android platforms. Citrix MDX Vault components are used for securing container-based apps and associated data-at-rest on mobile devices. These components leverage existing NIST Validated Cryptographic Module from OpenSSL (SW Version: 2.0.5, FIPS 140-2 Cert#1747) to achieve FIPS compliance.

All data-in-transit between the mobile device and back-end gateway are encrypted using FIPS-certified cryptographic modules. XenMobile leverages a DMZ-hosted Citrix NetScaler FIPS edition (v10.1) appliance to secure this data. The NetScaler FIPS edition appliance is equipped with a certified Cavlum FIPS 140-2 module (FIPS 140-2 Cert#1369) which only allows FIPS ciphers to be used for encryption to achieve FIPS compliance.

For more information regarding the NIST validated FIPS modules, see the National Institute of Standards and Technology web site.