The Information Security Provider
atsec IT Security Blog
News about Common Criteria, FIPS, Conferences
and other topics revolving around IT security.
For a non-paginated list of all of our blog posts, head over to our Blog Archive page.
-
eIDAS for Remote (Centralised Server) Signing
What is eIDAS? Evaluation and certification of trustworthy systems and signature and seal creation devices becomes increasingly important due to the new eIDAS regulation (EU Regulation No. 910/2014) that entered into force in the 28 EU Member States in July 2016. eIDAS is an EU regulation on electronic…
-
As You Like It!
Over the last few years we have seen some maturation in the processes of providing information security assurance. This is good. First let’s roll back into history, to the days in the ‘70’s and ‘80’s, when it could not be safely assumed that the operating systems in use…
-
Yi Mao’s Opening Speech at the Fifth ICMC
“Dear Community, It is the second time that I have had the honor and pleasure to open the International Cryptographic Module Conference. This year is very special since it is the fifth anniversary of the conference. I’d like to welcome you all with an image from the end…
-
Mea Culpa
Unfortunately, atsec has been accused of distributing fake news. Here at atsec we take such an accusation seriously. We have performed a thorough internal investigation and have determined that the accusation is true. atsec has been guilty of disseminating fake news on an annual basis for the last…
-
FIPS 140-2 and ISO Standards
atsec customers who have projects for testing, validating, and certifying cryptographic modules for the US government market are intimately familiar with the FIPS 140-2 standard. This standard and its associated supporting documents are produced and published by NIST. Together, the suite of documents define the specification and testing…
-
ICMC Presidential Debate
The votes have been counted and Zippa Futura and ISO/IEC 19790 win by a large margin:
-
The Vatican Signs the ISO/IEC 15408 International Recognition Arrangement
Recognizing the need for secure IT products in all regions of the world, and in support of an internationally agreed Arrangement allowing for the mutual recognition of independently evaluated and validated information technology (IT) products, the Vatican has decided to sign the ISO/IEC 15408 International Recognition Arrangement (I2RA)…
-
Commercial Assurance of Cryptography in North America
Cryptographic Algorithm Validations The Cryptographic Algorithm Validation Program (CAVP) is an organization that is managed solely by the National Institute of Standards and Technology (NIST). Information about the CAVP scheme, including the official validation lists, can be found at NIST’s web page for the CAVP. The CAVP certifies…
-
The Third International Cryptographic Module Conference Has Begun
The 2015 International Cryptographic Module Conference (ICMC) started yesterday with a day of pre-conference workshops on FIPS 140 Projects, Breaking into Embedded Devices, and Addressing Unique Security Challenges through Standardization. The main conference was opened today by Yi Mao, Ph.D., CST Lab Manager of atsec, followed by keynote…