尊敬的客户、合作伙伴以及朋友们:
即日起,atsec中国的此官方博客暂停更新。新的链接如下:
也可以继续访问atsec官网www.atsec.cn的“博客”链接访问。
祝2023新年快乐。
The CMVP published four FIPS 140-3 certificates today, marking
the first modules to go through testing and validation under the
new version of the FIPS 140 standard. FIPS 140-3 became effective
on September 22, 2019, and testing began on September 22, 2020.
FIPS 140-3 has been mandatory for new modules since September 22,
2021.
The certified modules are:
After two years of virtualized conferences, the ICCC was back
in person once again. The ICCC 2022 was held from November 15-17 in
Toledo, Spain. It was a welcoming feeling to meet face-to-face with
our customers, certification bodies, and peers alike. We
reconnected with familiar faces and made new friends.
The biggest highlights of the ICCC 2022 included the
publication of the new Common Criteria version (CC:2022 Release 1)
and its companion CEM:2022 along with their transition policy on
the Common Criteria Portal. There were also many presentations with
focus on the European Common Criteria (EUCC) scheme. Another
highlight was NIAP’s statement on the NSA’s Commercial National
Security Algorithm (CNSA) Suite 2.0.
In addition to hosting a booth, we had representatives from
many of our branch offices including Germany, Italy, Sweden, and
United States in attendance. A handful of our colleagues
participated in the Common Cr
We want to draw your attention to the following publication
issued by the German Federal Office for Information Security
(BSI):
https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2022/221005_Apple_Sicherheitsfunktionen.html
In a nutshell for the non-German readers, the article states that
Apple has agreed to an independent evaluation of the core security
functions of iOS and iPadOS by BSI. This evaluation has been
conducted according to the national requirements on equipment to be
used for handling classified information. These requirements are
comparable to the standards and the methodology of Common Criteria.
The evaluation results confirm the effectiveness of the core
security functions integrated in iOS and iPadOS. This includes also
Apple's first party apps for e
第21届国际通用评估准则会议(ICCC:International Common Criteria Conference
2022)将于2022年11月15日至17日在西班牙托莱多(Toledo)举行。
与往常一样,atsec信息安全期待有机会与通用评估准则(Common
Criteria)和IT安全社区的同行建立联系并交换想法。经过两年的虚拟会议,我们很高兴有机会再次能够面对面的交流。
我们的同事将分别针对不同的有兴趣的话题开展技术讲演:
Michael Vogel, Managing Director, atsec information security,
德国
Rasma Mozuraite Araby, CEO, Lab Manager, atsec information
security, 瑞典
Cheng Jiang, Principal Consultant, CC evaluator, atsec information
security, 瑞典
作为德国最早的公司之一,atsec已经获得由德国联邦信息安全办公室BSI(Bundesamt für Sicherheit
in der Informationstechnik)维护的德国网络设备安全保证体系网络空间认证体系 - 德国实施(NESAS
CCS-GI:Network Equipment Security Assurance Scheme Cybersecurity
Certification Scheme - German
Implementation)体系所认证的评估实验室。该认证体系基于移动通信协会GSMA(Groupe Speciale Mobile
Association)NESAS所创建,在GSMA
NESAS体系中atsec可以针对安全关键的4G/5G电信设备开展安全测试(也即,SCAS测试)。
NESAS致力于提供全行业的安全保证框架,以促进整个行业安全级别的提高。它定义了安全产品开发和产品生命周期流程的安全要求和评估框架,以及用于网络设备安全评估的安全测试用例。安全要求已经定义,并由第三代合作伙伴项目3GPP(3rd
Generation Partnership Project)积极维护,3GPP
atsec is one of two German NESAS CCS-GI laboratories: