The Information Security Provider
atsec IT Security Blog
News about Common Criteria, FIPS, Conferences
and other topics revolving around IT security.
For a non-paginated list of all of our blog posts, head over to our Blog Archive page.
-
Sample Size in NIST SP800-90B
We invite you to watch this presentation by Richard Fant on Sample Size in SP800-90B.
-
Do Remote Site Visits Work?
While the home office has become a normality for many IT companies and operations during the pandemic, the requirements for security evaluation, certifications, accreditations, and other approvals have remained constant. Site visits at the development sites are required to achieve the approval of certification and accreditation. How could…
-
atsec China adds PCI CPSA (Logical and Physical) Assessor Qualifications
atsec China has been qualified by PCI SSC (Payment Card Industry Security Standards Council) as a Card Production Security Assessor (CPSA) Company to validate an entity’s adherence to the PCI Card Production and Provisioning Logical Security and Physical Security Requirements (two separate security standards). Currently atsec provides the…
-
Reflections on Security Assurance
Some reflections on security assurance, how it can be achieved and verified, from the view of an evaluation lab. Security assurance is usually hard to grasp and sometimes we have seen there is the misconception how it can be achieved. One of the early milestones in understanding assurance…
-
The genesis of atsec’s name, logo, and websites
When atsec was about to be founded, one of the first questions the founders (a German, an Italian, and a Swede) had was which name would best represent the company’s approach to information security, but more importantly, whether the domain would be available. Here is the list of…
-
atsec Scholarship Connects Logic and Cryptography
The two most repeated terms at the NIST Entropy Workshop held on April 27-29 are “mathematical model” and “justification.” That brought me back to my college days at Peking University where I first studied Mathematical Logic. Logic is all about valid rules of inference. Mathematical logic applies the techniques of…
-
New Cybersecurity Initiative will use Detection Dogs to spot Cyber Security Attacks to the US IT Infrastructure
Washington, DC—A new cybersecurity initiative dubbed PAWS (Puppy Assisted Warning Systems) has been introduced today by the US Department of Defense (DoD) to combat and deter the rising threat of cybersecurity attacks from countries who have vested interests to undermine US IT infrastructure and businesses. The 1.7 trillion…
-
Choose to Challenge
Celebrating International Women’s Day 2021!
-
The Impact of TLS 1.3 and ACVTS on FIPS Certification Testing
by Marcos Portnoi, Stephan Mueller, and Viktoria Meyerhoff In 2018, the Internet Engineering Task Force (IETF) published RFC 8446, “Transport Layer Security (TLS) Protocol Version 1.3”, a new standard for the latest version of TLS. TLS is the successor of SSL (Secure Sockets Layer), which was developed by…