The Information Security Provider
atsec IT Security Blog
News about Common Criteria, Cryptographic Modules, Conferences
and other topics revolving around IT security.
-
Stephan Mueller publishes SP800-90B compliant Linux implementation of CPU Jitter RNG
NIST’s Special Publication 800-90B “Recommendation for the Entropy Sources Used for Random Bit Generation” (SP800-90B) lays out the testing requirements for random bit generators. According to Implementation Guidance 7.18, compliance to SP800-90B will be mandatory for FIPS 140-2 validations starting November 8th 2020. Our colleague Stephan Mueller recently…
-
atsec at the International Common Criteria Conference (ICCC) 2019
atsec participated in ICCC 2019 held in Singapore from October 1st to 3rd in conjunction with Singapore International Cyber Week (SICW). It was the perfect venue to celebrate the 20th anniversary of the Common Criteria standard with an increase of the Common Criteria Recognition Arrangement (CCRA) membership from…
-
CST Newsletter and FIPS 140-3 Change Summary
We invite you to take a look at our CST Newsletter. This newsletter is intended to inform our customers about recent changes within the Implementation Guidance and NIST’s Cryptographic Module Validation Program (CMVP). We also included a high-level summary of changes to the testing and documentation that FIPS…
-
atsec adds Singaporean Common Criteria Scheme accreditation
atsec is pleased to announce that it has been licensed by CSA to be a Common Criteria Testing lab (CCTL) under the Singapore Common Criteria Scheme (SCCS). Please check the Common Criteria Portal:https://www.commoncriteriaportal.org/labs/index.cfm as well the Singapore Common Criteria Scheme:https://www.csa.gov.sg/our-programmes/certification-and-labelling-schemes/singapore-common-criteria-scheme/approved-labs atsec is already operating Common Criteria labs under…
-
A Multi-Level Model for Common Criteria Certificate Maintenance
by Trang Huynh I had the privilege of being on a discussion panel at the NIAP Validator Workshop this past June. The topic for the panel was “Continuous Software Update,” and the issue we were trying to tackle was Common Criteria (CC) evaluations for products with a high…
-
atsec’s ACVT service is operational
atsec is proud to announce that the Automated Cryptographic Validation Testing (ACVT) service is operational. The atsec Cryptographic Security Testing (CST) laboratory is the first ever to achieve operational status with the Automated Cryptographic Validation Protocol (ACVP) production server operated by NIST. atsec’s ACVP tools are fully implemented…
-
atsec’s Rome office is accredited by OCSI for Common Criteria evaluations
atsec is pleased to announce that the atsec Rome office has been accredited by the Italian scheme, OCSI, for performing Common Criteria evaluations. This is in addition to the accreditations by the Italian security agency, OCSI of our atsec laboratories in the U.S., Germany and Sweden. Garibaldi Conte:…
-
Congratulating Qualcomm on CC certification of their Snapdragon 855 SOC
atsec congratulates Qualcomm on the successful evaluation of their Snapdragon 855 system on a chip (SOC) processor. The evaluation was performed jointly by atsec information security laboratory GmbH and T-Systems International GmbH laboratory; with the software evaluation being performed by atsec, and the hardware evaluation performed by T-Systems. atsec…
-
ATSEC PROVIDED PCI TRAINING AT VISA SECURITY SUMMIT 2019
China, Shanghai—From June 19th to 20th, Visa held the Asia Pacific Security Summit in Shanghai, China. During the “Ecosystem Data Security Workshop” on the 19th, Diana Greenhaw, VISA’s Vice President of Global Payment System Risk, gave a speech on “Ecosystem Risk Updates—A Global Perspective”. As one of the…