openPR Logo

Press Releases from atsec information security (42 total)

Call for Papers for the Second International Cryptographic Module Conference

Mark Your Calendar: ICMC 2014, November 19-21, Hilton Washington D.C., Rockville, MD ICMC brings together experts from around the world to confer on the topic of cryptographic modules, with emphasis on their secure design, implementation, assurance, and use, referencing both new and established standards such as FIPS 140-2 and ISO/IEC 19790. We are focused on attracting participants from the engineering and research community, test laboratories, government organizations, the procurers, deployers and administrators

atsec information security Opens South East Asia Office

Bangkok, Thailand – atsec information security is pleased to announce the opening of its atsec South East Asia (atsec SEA) office in Bangkok, Thailand. Since the year 2000, the atsec group of companies have been established experts in information security including Common Criteria, FIPS 140-2, PCI, ISO 27001, and hardware testing. As part of the atsec group of companies, atsec SEA’s objective is to promote information security and information assurance in

atsec completes FIPS 140-2 testing of Watchdata's WatchKey USB Token at Security …

Austin, TX - atsec information security is pleased to announce that its customer, Watchdata Technologies Pte Ltd. (branded as “Watchdata”), received a FIPS 140-2 validation certificate #1640 for the WatchKey USB Token under the CMVP (Cryptographic Module Validation Program) by the National Institute of Standards and Technology (NIST), USA and the Communication Security Establishment of Canada (CSEC). The successful validation result is published on the CMVP’s official website at: http://csrc.nist.gov/groups/STM/cmvp/validation.html The issued

atsec Completes FIPS 140-2 Testing for MIIKOO at Security Level 3

Austin, TX - atsec information security is proud to announce that its customer, Pierson Capital Technology LLC (branded as “Pierson”), received a FIPS 140-2 validation certificate #1634 for their MIIKOO product. The successful validation result is published on the Cryptographic Module Validation Program’s (CMVP) official website at: http://csrc.nist.gov/groups/STM/cmvp/validation.html. The security technology employed by the MIIKOO device was subjected to rigorous testing by atsec’s Cryptographic and Security Testing (CST) laboratory and subsequently validated

IBM’s® z/OS® Version 1 R. 12 System SSL Cryptographic Module Receives FIPS 1 …

Austin, TX – IBM’s® z/OS® Version 1 R. 12 System SSL Cryptographic Module recently received FIPS 140-2 Level 1 certification. The successful certification is listed on the National Institute of Standards and Technology’s (NIST) website (http://csrc.nist.gov/groups/STM/cmvp/validation.html, certification number 1600). The security of information assets is an ongoing problem of increasing importance for many companies in view of the constant rise of threats. IBM® z/OS® - one of the world’s most advanced

Steve Weingart to Speak at the Non-Invasive Attack Testing Workshop in Nara, Jap …

Austin, TX – atsec's principal consultant Steve Weingart will be a panelist at the Non-Invasive Attack Testing Workshop (September 25th – 27th, 2011) in Nara, Japan l. Weingart was asked to join the panel as a laboratory representative discussing the practicality of non-invasive testing and how it fits into the conformance testing and business requirements of the laboratories. He will give a short introduction of the subject matter before joining

atsec information security at PCI Security Standards Council Community Meeting i …

Austin, TX – atsec will be attending and hosting a booth at this year’s PCI-SSC Community Meeting conference in Scottsdale (September 20th to 22nd). We are looking forward to attending the meeting and invite our customers and interested parties to meet with us at this important event. atsec will offer information about its formal assessment services to the PCI Data Security Standard (PCI-DSS) , payment application testing (PA-DSS), and

atsec to Present Four Papers at the 12th ICCC Conference in Malaysia

Austin, TX - As in previous years, several security experts from atsec information security will present sessions at the 2011 International Common Criteria Conference in Selangor, Malaysia (27th – 29th of September). We invite meeting attendees to approach our speakers to learn more about the successful, innovative work done by atsec, the premier global Common Criteria laboratory, including our contributions to Protection Profiles and our many operating system, database, multifunction

atsec information security completes the CAVP cryptographic algorithm testing fo …

Beijing, China – atsec information security is pleased to announce that the cryptographic algorithms implemented in the Watchdata-FIPS-TimeCOS Hardware Cryptographic Library were tested by atsec information security and validated under the CAVP (Cryptographic Algorithm Validation Program) by NIST (National Institute of Standards and Technology). The implemented algorithms of Watchdata-FIPS-TimeCOS Hardware Cryptographic Library and their validation numbers are as follows: TDES, CMAC (No.1057) AES (No.1616) SHA (No.1425) RSA (No.794) DRBG (No.85) More product and manufacturer information can be

DataLocker Enterprise Receives FIPS 140-2 Certification

Austin, TX – atsec information security is happy to announce that its customer DataLocker Inc. received FIPS 140-2 validation certificate #1504 for the DataLocker Enterprise v2.0 encrypted portable hard drive. Issued by the National Institute of Standards and Technology (NIST), the Federal Information Processing Standards (FIPS) 140-2 validation program ensures that cryptographic modules meet appropriate government and military standards for data encryption. DataLocker Enterprise is a FIPS 140-2 validated USB portable

IT Security Companies to Host Protection Profile Developer Workshop

Austin, TX - Parallel to this year's RSA conference in San Francisco, a group of IT security companies (Apex Assurance, Aspect Labs, atsec information security, Cygnacom, and EWA) will host a one-day workshop on the topic of Protection Profile (PP) development. This event is aimed at experts in information security with good knowledge of Common Criteria, who are engaged in developing Protection Profiles as part of their professional activities. Writing a

atsec information security at the Milcom 2010 Conference

Austin, TX/Munich, Germany – atsec will be attending and hosting a booth at the international military communications MILCOM Conference (October 31st to November 3rd, booth 1712) where the theme will be "Next Decade of Military Communications." We invite our customers and interested parties to meet with us at this important event to discuss with our staff the range of IT security testing and evaluation services we offer, such as: Common Criteria

Two IEEE Protection Profiles for Multi-Function Printers Evaluated by atsec info …

Austin, TX/Munich, Germany – Two Protection Profiles (PPs) defining agreed security functional and security assurance requirements for multi-function printers in different environments have been evaluated by atsec on behalf of the IEEE. Each PP postulates different assumptions of the attack potentials and threat scenarios. These PPs each include unique base functionality and contain further SFR packages that specify additional requirements in case the printer implements mechanisms covered by the packages. For

Operating System Protection Profile Published by BSI and atsec information secur …

Austin, TX – atsec is pleased to announce that a new Common Criteria protection profile for operating systems has been published. The protection profile was developed for the German Federal Office for Information Security (BSI) by atsec in cooperation with the OSPP Forum (Argus Systems, HP, IBM (AIX group, z/OS group, Linux group), Juniper Networks, Microsoft, Novell (SUSE), Oracle, Red Hat, SUN, Univention, BSI, NIAP, and atsec). The need for a

PBS Professional Achieves Common Criteria EAL3+ Certification

Independent Evaluation Proves PBS Meets Strict IT Security Standard, Vital to Government Agencies Worldwide Troy, Mich., April 12, 2010 – Altair Engineering (altair.com), the global leader in software solutions that make high performance computing (HPC) faster, simpler and smarter, announced today that PBS Professional version 10.1 has achieved Common Criteria EAL3+ certification. Common Criteria is the international standard for certifying software technology conforms to stringent security requirements. This certification is internationally

atsec's Yan Liu speaks on PCI at China Mobile Payment Industry Summit 2010

Beijing, China - Participants in the 2010 China Mobile Payment Industry Summit, held on April 16 in Beijing, will include related government representatives, industry association members, telecommunication operators, third-party platform suppliers, technical solutions providers, industry application providers, research institute staff, and so on. Following-up from last year’s summit, atsec will again attend and host a booth. In addition, atsec’s Yan Liu will give a speech entitled, “Protection of mobile payment by

atsec Publishes "Payment Card Industry Compliance For Large Computing Systems" W …

Austin, TX - atsec information security is proud to announce the publication the "Payment Card Industry Compliance For Large Computing Systems” white paper. The paper was created by mainframe and PCI experts from atsec and IBM and is now available as a PDF document on atsec’s website at: http://www.atsec.com/us/pci-lcs.html atsec is accredited as a Qualified Security Assessor (QSA) by the Payment Card Industry (PCI) Security Standards Council and has a deep understanding

atsec information security completes four GSA FIPS 201 evaluations for Codebench …

Austin, TX – atsec information security, an accredited laboratory for the GSA FIPS 201 Evaluation Program which runs a product approval program for PIV-related products destined for the U.S. Government market, is proud to announce the successful GSA FIPS 201 evaluation of four Codebench products. Codebench is the first company with solutions evaluated for GSA product categories “Caching Status Proxy,” “PIV Authentication System,” and “CHUID Authentication System.” Codebench’s PIVCheck Plus Desktop

GSA FIPS 201 evaluation for Brady People ID completed by atsec information secur …

Austin, TX – atsec information security is proud to announce the successful GSA FIPS 201 evaluation of Brady People ID’s Rigid Shielded Badge Holder. Brady People ID’s badge holders protect Personal Identity Verification badges (or PIV cards) against skimming attacks that attempt to gain unauthorized access to the information they contain. The successful evaluation and approval of this product provides assurance that the information contained on a PIV card is

atsec achieves Common Criteria Certification for Red Hat Enterprise Linux Versio …

Austin, TX - atsec information security is pleased to announce the successful Common Criteria Certification of Red Hat Enterprise Linux Version 5.3 at EAL 4 (augmented for flaw remediation) with the Controlled Access Protection Profile (CAPP). Under Common Criteria, products are evaluated against strict standards for various features, including security functionality, development environment, security vulnerability handling, documentation of security-related topics, and product testing. The evaluation covers a potentially distributed, but closed,

atsec Announces Common Criteria Certification for Apple Mac OS X v10.6 Snow Leop …

Austin, TX - atsec information security is pleased to announce the successful Common Criteria Certification of Mac OS X Snow Leopard at EAL 3 (augmented for flaw remediation) with the Controlled Access Protection Profile [CAPP]. This certification includes both Mac OS X and Mac OS X Server. The certification of Mac OS X through the German BSI national scheme adds another operating system to atsec's portfolio of over 60 OS evaluations.

atsec conducts testing with charismathics’ CSSI middleware in first NIST PIV P …

Austin, TX - atsec information security is proud to announce that it has performed the first PIV Middleware Validation testing under the NIST PIV Program (NPIVP) for the recently released SP800-73-2 giving the interfaces for Personal Identity Verification. The certificate for the successful validation – of the charismathics Smart Security Interface PIV, Version 2.1.0.9 (certificate no. 12) – was issued on October 23rd and can be found on the Middleware Validation

Four atsec customers received Common Criteria certifications at the 10th ICCC

atsec information security is proud to announce that several of their key customers have been awarded Common Criteria certificates for their complex IT products at the 10th International Common Criteria Conference in Tromsø, Norway. Certificates were awarded to: - IBM for z/OS Version 1 Release 10 - Oracle für Oracle Database 11g Enterprise Edition, Release 11.1.0.7 with Oracle Label Security - Microsoft for Windows Server 2008 Hyper-V Role with HotFix KB950050 All of these products

atsec tests Pierson MIIKOO cryptographic algorithms

Beijing China – Recently, atsec information security tested the cryptographic algorithms implemented by Pierson Capital Technology in its MIIKOO product. Testing included two FIPS Approved cryptographic algorithms validated under the Cryptographic Algorithm Validation Program (CAVP) by the U.S. National Institute of Standards and Technology (NIST), and also another two non-FIPS Approved cryptographic algorithms — HOTP and CRC-32. atsec performed source code review and independent testing on the two algorithms. The NIST

atsec evaluates Oracle® Enterprise Linux at Common Criteria EAL 4+

atsec information security announced today that Oracle® Enterprise Linux Version 5 Update 1 has been certified by the German Common Criteria scheme as conformant to EAL4+ and the Controlled Access Protection Profile (CAPP), Role Based Access Control (RBAC), and Labeled Security Protection Profile (LSPP). The evaluation also covers Oracle Enterprise Linux 5 Update 1 executed in a guest domain on Oracle VM server virtualization software, demonstrating an EAL4+ certified environment.

atsec tests cryptographic algorithms on three ZTEIC chips

Beijing China – Recently, the Approved cryptographic algorithms implemented in ZTEIC Design Co.,Ltd’s three chips were tested by atsec information security, and validated under the Cryptographic Algorithm Validation Program (CAVP ) by the National Institute of Standards and Technology (NIST). The NIST certification validates that the algorithms in these chips have been implemented correctly. Fei Xu, cryptographic algorithm engineer of ZTEIC, notes: “CAVP is meaningful. It not only objectively proved the

atsec and AppGate Network Security achieve CC evaluation of AppGate Security Ser …

Stockholm, Sweden - atsec information security is proud to announce that AppGate Network Security, a leading provider of network security solutions, has achieved Common Criteria certification of the AppGate Security Server under the German BSI scheme. The Common Criteria is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess security and assurance of information technology products. The evaluation process undertaken by atsec information security provided an

Payment Application Data Security Standard PA-DSS published

On Tuesday the PCI Council published the Payment Application Data Security Standard (PA-DSS). atsec information security welcomes the payment card industry’s move to standardize its security requirements. PA-DSS ensures that payment applications protect card holder data responsibly and that appropriate security controls are implemented within software solutions. The goal of PA-DSS is to help software vendors and others to develop secure payment applications that do not store prohibited data,

atsec and BlueSpace partner for Common Criteria evaluation of the Trusted Servic …

Austin-based IT company BlueSpace has chosen atsec information security as their partner for the future Common Criteria evaluation of the Trusted Service Bus. With the support of atsec who have a reputation for on time delivery and providing high quality service especially for complex and high assurance evaluations, BlueSpace will produce a Security Target in order to define the “Target of Evaluation” for the Trusted Service Bus. BlueSpace intend to

atsec scientists find the ultimate buffer overflow protection

Buffer overflow problems have plagued software programmers for at least three decades. While many partial solutions for buffer overflow have been introduced over the years, such approaches failed to leverage the considerable overflow protection experience amassed in other engineering areas. atsec scientists analyzed the proven “non-software overflow solutions” (NSOS) defined in United States Patents No. 5632302 and 4204285 … and have now successfully ported the principles of these technologies to

atsec information security Evaluates IBM z/OS V1R9 - Common Criteria Certificati …

Munich, Germany - atsec information security recently completed the Common Criteria evaluation of IBM z/OS V1R9. The certificate was awarded by Germany\'s Federal Office for Information Security (BSI) to IBM at the CeBIT trade fair. atsec performed the first z/OS evaluation, examining z/OS V1R6, in 2005 at evaluation assurance level 3 (EAL3), followed by re-evaluations of V1R7 in 2006 at EAL4 and V1R8 in 2007 with added security features. For z/OS

CSEC Becomes a Certificate Authorizing Scheme under the CCRA

Danderyd, Sweden - atsec information security congratulates CSEC on completing its significant and successful effort to become a Common Criteria certificate authorizing scheme. atsec is proud to have been a part of this effort and looks forward to continuing its longstanding professional relationship with the Swedish CC scheme. The Swedish Common Criteria Evaluation and Certification Scheme is maintained and operated by the Swedish Certification Body for IT-Security (CSEC), established within the

atsec’s cryptographic and security testing laboratory accredited for SCAP tes …

Austin, TX – atsec information security is proud to announce the successful accreditation of its cryptographic and security testing laboratory as a SCAP (Security Content Automation Protocol) test laboratory under the NVLAP (National Voluntary Laboratory Accreditation Program) supporting the Information Security Automation Program (ISAP); a U.S. government multi-agency initiative to enable automation and standardization of technical security operations. With this addition to the atsec IT security portfolio we will be

atsec supports Siemens AG with preparation and consulting for Sarbanes-Oxley-Con …

Munich, Germany - atsec information security GmbH recently completed a project to provide Sarbanes-Oxley (SOX) consulting services to Siemens AG Munich. Siemens SOA-Executive Dr. Hans-Michael Korff offered the following assessment of atsec’s contribution to the project’s success: “The department providing Shared Services for Siemens AG Munich required validation of the data center services for SOX conformity in 2007. The project started in January 2007, and the deadline was September 2007. Approximately

One step ahead – Initiative „IT Security made in Germany“

TeleTrusT with 14 Partners at RSA Conference 2008 Berlin - For the 8th time TeleTrusT is represented at the biggest IT-Security conference in the world, the RSA Conference 2008 in San Francisco. The association brings more and more German IT specialists as exposition partners on board. From 7 to 11 April 2008 14 companies and the Federal Office for Information Security (BSI) will present their products and competences at the TeleTrusT

Wincor Nixdorf awarded ISO 27001 certification – with the help of atsec infor …

Paderborn, Germany - Wincor Nixdorf AG is one of the first companies in Germany to have been awarded certification for its Information Security Management System by the assessment and certification organization DQS. This means that the IT services provided by Wincor Nixdorf comply with all the requirements of ISO 27001, the international standard for information security management. Certification puts Wincor Nixdorf in a solid position when it comes to performing

atsec Hosts Seminar for Delegation from the Korea Information Security Agency (K …

Austin, TX - atsec hosted a seminar on Common Criteria 3.1 for eleven delegates from KISA, the Korea Information Security Agency. The five-day seminar examined Common Criteria 3.1, which succeeds version 2.3 of the standard and which introduces many changes in the security assurance requirements part of the standard, and in the standard methodology supporting evaluation. The Republic of Korea is a Certificate Authorizing Country within the Common Criteria Recognition Arrangement

atsec Completes Common Criteria Evaluation of Oracle® Enterprise Linux Version …

Munich, Germany -- atsec information security today announced that Oracle® Enterprise Linux Version 4 Update 4 and Update 5 have been certified by the German Common Criteria scheme as conformant to EAL4+ and the Controlled Access Protection Profile (CAPP). The completion of this evaluation adds to atsec’s unparalleled reputation for timely completion of Linux evaluations. Since August 2003, atsec has initiated and completed 15 Linux evaluations at EAL3+ and EAL4+

atsec information security to present six sessions at 8th ICCC conference in Rom …

Five security experts from atsec information security will present six sessions at the 2007 International Common Criteria Conference in Rome (25th – 27th of September), making atsec the single largest presenting contributor to the 2007 event. We invite you to visit us at our booth to learn more about the successful, innovative work done by the premier global Common Criteria laboratory, for example, our Linux OS and mainframe computer evaluation

atsec Evaluates HP Red Hat Enterprise Linux 5 at Common Criteria EAL4+ Under NIA …

atsec information security today announced that Red Hat Enterprise Linux 5 has been certified by the U.S. National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS) as conformant to EAL4+ and the Controlled Access Protection Profile (CAPP), Labeled Security Protection Profile (LSPP) and Role Based Access Control (RBAC). The operating system is certified on HP Integrity and HP ProLiant servers. According to Burton Group Principal Analyst Bob

atsec information security evaluates IBM z/OS V1R8 - Common Criteria Certificati …

atsec information security recently completed the evaluation of IBM’s z/OS V1R8 in the world\'s largest and most complex operating system evaluation. The first evaluation of z/OS, at V1R6, was performed in 2005 at EAL3, followed by a re-evaluation of V1R7 in 2006 at EAL4 with added security features. The current re-evaluation of IBM z/OS V1R8 at EAL4+ addressed significantly enhanced security functions and provides assurance of the product

SGI and atsec information security complete evaluation of Red Hat Enterprise Lin …

EAL3+ and CAPP validation for SGI the latest in an impressive series of Linux evaluations by atsec SGI and atsec information security are pleased to announce completion of the Common Criteria evaluation of Red Hat Enterprise Linux (RHEL) 4 Update 4 at evaluation assurance level (EAL) 3+ with compliance to the Controlled Access Protection Profile (CAPP). RHEL4 Update 4 was examined on the SGI® Altix® server platform. The U.S. NIAP CCEVS