-
atsec attended the Omnisecure conference in Berlin
After two years of video conferences, we were finally able to meet stakeholders of our community again in person as three representatives of atsec Germany attended the Omnisecure conference from June 21st through 23rd 2022 in Berlin. The Omnisecure conference has a clear focus on the German market…
-
Distinguishing encrypted from non-encrypted data
Our colleague Quentin Gouchet, together with Eric Järpe, authored an article on distinguishing encrypted from non-encrypted data. We invite you to read the article here. Introduction:The discrimination of encrypted data from other kinds of data is of interest in many areas of application. For instance for making other…
-
atsec at the (virtual) International Common Criteria Conference (ICCC) 2021
atsec participated in ICCC 2021 from October 19th to 20th, which was held as a fully virtualized conference the second year in a row due to the worldwide pandemic. While we appreciate to have the opportunity to exchange new information as well as give and receive presentations in…
-
atsec at the 2021 ICMC
Please enjoy this year’s animation from Yi Mao’s opening presentation at the 2021 International Cryptographic Module Conference (ICMC). We also invite you to watch a recording of Yi Mao’s welcome address for the ICMC:
-
Do Remote Site Visits Work?
While the home office has become a normality for many IT companies and operations during the pandemic, the requirements for security evaluation, certifications, accreditations, and other approvals have remained constant. Site visits at the development sites are required to achieve the approval of certification and accreditation. How could…
-
Reflections on Security Assurance
Some reflections on security assurance, how it can be achieved and verified, from the view of an evaluation lab. Security assurance is usually hard to grasp and sometimes we have seen there is the misconception how it can be achieved. One of the early milestones in understanding assurance…
-
On Software Supply Chains
by King Ables The attack on the SolarWinds network management platform Orion allowed a bad actor to inject malware into the product prior to it being signed and deployed to customers during a regular software update. This highlights a largely underappreciated but universal truth of the Internet age–almost…
-
atsec is recognized as a NESAS Security Test Laboratory to perform Security Evaluation of Telecommunication Equipment
The GSMA (Global System for Mobile Communications) organization recognizes atsec’s ISO/IEC 17025 accreditation that now allows network product evaluations against NESAS Security Assurance Specifications (SCAS). The NESAS scheme is a collaboration and jointly led by 3GPP and the GSMA, and is open to all vendors of network equipment…
-
Biometric e-Passports
by Richard Fant Figure 1: e-Passports issued by different countries In today’s climate of COVID-19, domestic travel has become difficult, and international travel almost impossible. Many US airlines now require their passengers to submit to a COVID-19 test within 24-48 hours prior to travel to prove the traveler…
