TURKISH COMMON CRITERIA CERTIFICATION SCHEME. Mustafa YILMAZ IT Test and Certification Department, TSE/TURKEY
|
|
- Linda Gallagher
- 8 years ago
- Views:
Transcription
1 TURKISH COMMON CRITERIA CERTIFICATION SCHEME Mustafa YILMAZ IT Test and Certification Department, TSE/TURKEY
2 TURKISH COMMON CRITERIA CERTIFICATION SCHEME UPDATE-2015
3 Contents Organisational Updates Protection Profile Projects Completed On-going Products yet Certified On-Going Page 3
4 Brief information about TSE
5 Brief information about TSE TSE has been established in 1960 TSE prepare standards for every kind of item and products together with procedure and service. The Institute is related with Minister of Science,Industry and Technology
6 Brief information about TSE TSE is a public founding institution Its abbreviation and trademark is TSE. This mark can not be used without the permission of TSE in no way and under no condition.
7 The Task Of TSE To prepare and to get every kind of standard prepared To inspect the standards To publish the standards To perform the technical inspections and researches about standards, to follow up the resembling studies done in foreign countries,
8 The Task Of TSE To collaborate with universities and other scientific and technical associations and institutions, To conduct research on standards and to establish laboratories To train personnel in order to maintain and develop the standard works in the country and to open courses and arrange seminars To perform studies about metrology and calibration and to establish necessary laboratories
9 To Summarize The Services conducted by TSE Quality and System Certification Product and Service Site Certification Personnel Certification Laboratories Calibration Standard Preparation International Represantatives and Our Coorporations
10 Brief information about Information Technology Test and Certification Department
11 Aim Our aim is test and certify the organizations and products according to national and international standards.
12 Organization Chart
13 General Activities Give certificate about IT area Functional, Performance and Penetration Test about IT area Give seminar to increase public awareness Attend the CCDB,CCES,CCMC meeting to represent Turkey CCCS,attend NATO Meeting To coordinate Cyber Security Special Committe to create PP for many field Responsible for Cyber Security Action Plan 10-12
14 IT Certification Services TS ISO/IEC Common Criteria Site Security Certification TS ISO/IEC Security and Test Requirements for Cryptographic Modules TS IT- Electronic Records Management TS ISO/IEC SPICE First Level Security Certification TS ISO/IEC ITsoftware packagesquality requirements and testing TSE-PTE Penetration Tester Expert Certification Programme TS ISO/IEC Software Lıfe Cycle TS ISO/IEC System Life Cycle QWEB Certification TS ISO/IEC Ergonomics of human-system interaction
15 Certification Logos
16 Other Logos
17 TSE-Common Criteria Certification Scheme In 2003 TSE signed CCRA on behalf of Turkey as «Consuming Member» In 2005 TSE-CCCS was established. In 2008 TSE-CCCS was applied to CCRA for «Authorising member» In 2010 TSE-CCCS was assessed by CCRA «Shadow Assessment», with successful. In 2012 SCS-Turkey was established. In 2014,VPA Audit passed with success.
18 Organisational Updates CC Laboratories 4 licensed CC labs (ITSEFs) and Crypto Labs TUBITAK BİLGEM OKTEM EPOCHE&ESPRI CYGNACOM BEAM TEKNOLOJI 3 candidate ITSEFs Page 18
19 Other IT labs TUBITAK BILGEM UEKAE eid Test Laboratory METU CRYPTOLOGY Test Laboratory METU İBE Test Laboratory TUBİTAK BİLGEM YTKDM Page 19
20 Some of the trainings taken by TSE CCCS Certifiers -Cyber Security -Network Security -Cryptology -Certified Ethical Hacker -etc. Page 20
21 TSE-CCCS, Turkey CYBER SECURITY SPECIAL COMMITTEES, CYBER SECURITY SPECIAL COMMITTEES Established with govermental encourage 50 External independent Experts 25 Cyber Security projects, many of them are PPs Page 21
22 Projects within the Scope of Cyber Security Secure Web Applications Protection Profile Secure E-Commerce Protection Profile Internet Banking and Mobile Banking Security Criteria EDRMS(Electronic Document, Records Management System) Protection Profile (certified) Secure GIS (Geographic Information Systems) Protection Profile (completed) Basic Level Security Certification Site Security Certification E-Identity Protection Profile (completed) Page 22
23 Projects within the Scope of Cyber Security Secure Access Module Protection Profile (completed) Secure IC Protection Profile (completed) Embedded Operating System Protection Profile Determining Criteria for Software Developers and Test Engineers-SCRUM and ISTQB Cloud Computing Standard (completed) Healthcare Information Management Systems Protection Profile (completed) SSL Criteria Page 23
24 Projects within the Scope of Cyber Security Determining administrative criteria for companies and staff which do penetration tests (completed) Preparing Test Criteria and Security Requirements for Biometric Products and PP (completed) E-Passport PP (completed) Data Centers (System Rooms) Certification IT Products Vulnerability Gap Library Determining Technical Criteria for Penetration Tests (completed) Web Services PP (completed) Smart Meter-Gateway PP (certified) Page 24
25 Projects within the Scope of Cyber Security New Generation Cash Register Fiscal Application Software PP (certified) Mobile Application PP Central Log Management Pardus Migration Expert Certification Computer Forensics Expert Certification Page 25
26 Products Certified 34 products certified On-going 32 products are under evaluation Many products are in application Page 26
27 PPs on Evaluation Secure IC PP Healthcare Information System Software Secure Web Applications Protection Profile Secure E-Commerce Protection Profile Secure GIS (Geographic Information Systems) Protection Profile E-Identity Protection Profile (completed) Secure Access Module Protection Profile (completed) E-Passport PP (completed) Page 27
28 Licensed ITSEFs TÜBİTAK BİLGEM OKTEM License Date: Location: Kocaeli / TURKEY Contact person: Gül AYDIN EPOCHE&ESPRI License Date: Location: Madrid / SPAIN Contact person: Miguel BANON Page 28
29 Licensed ITSEFs CYGNACOM SOLUTIONS INC. License Date: Location: VA / USA Contact person: Nithya RACHAMADUGU BEAM TEKNOLOJI A.Ş. License Date: Location: Ankara / TURKEY Contact person: Mehmet ÇAKIR Page 29
30 Ongoing Evaluations (1 of 8) UKTÜM v7.01 TÜBİTAK BİLGEM UEKAE Secure IC EAL 5+ (AVA_VAN.5) ITSEF: TÜBİTAK BİLGEM OKTEM UKiS v2.2 TÜBİTAK BİLGEM UEKAE Contact based Smart Card EAL 4+ (AVA_VAN.5, ALC_DVS.2) ITSEF: TÜBİTAK BİLGEM OKTEM Z32HCD2S NATIONZ INC. Secure IC EAL 4+ (AVA_VAN.5, ALC_DVS.2) ITSEF: TÜBİTAK BİLGEM OKTEM Page 30
31 Ongoing Evaluations (2 of 8) CHANGE v1.1 E DATA New Generation Cash Register Fiscal Application Software EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM HCRX v1.1 HUGİN New Generation Cash Register Fiscal Application Software EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Healthcare Information Management Systems Protection Profile Software EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Page 31
32 Ongoing Evaluations (3 of 8) Secure Communication Module for Water Tracking Systems PP Secure Communication Module EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Korugan UTM COMODO Unified Threat Management EAL 2+ (ALC_FLR.2) ITSEF: BEAM TEKNOLOJI Crunchy Enterprise PostgreSQL Database Management System EAL 2+ (ALC_FLR.2) CYGNACOM SOLUTIONS Page 32
33 Ongoing Evaluations (4 of 8) PFAS v1.2 New Generation Cash Register Fiscal Application Software EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM SIEM GUI v1.1.6 with NATEK SIEM Server NATEK Security Information and Event Management EAL 3 ITSEF: TÜBİTAK BİLGEM OKTEM Toshiba nf Fiscal Microcode v0.9 POS Perakende EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Page 33
34 Ongoing Evaluations (5 of 8) Wincor Nixdorf Beetle (OptiPOS) WINCOR NIXDORF EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Application Firmware of Secure Smartcard Reader for National Electronic Identity Verification System Protection Profile Security Information and Event Management EAL 4+ (ALC_DVS.2) ITSEF: TÜBİTAK BİLGEM OKTEM AKiS v2.2.7n TÜBİTAK BİLGEM OKTEM EAL 4+ (ALC_DVS.2) ITSEF: TÜBİTAK BİLGEM OKTEM Page 34
35 Ongoing Evaluations (6 of 8) Netsafe Management Software Netsafe EAL 4+ (ALC_FLR.2) ITSEF: BEAM TEKNOLOJI Aselsan Digital Tachograph Vehicle Unit ASELSAN EAL 4+ (ATE_DPT.2, AVA_VAN.5) ITSEF: EPOCHE & ESPRI E-Belgem Electronic Documents Management System TÜBİTAK BİLGEM OKTEM EAL 3+ (ALC_DVS.2) ITSEF: TÜBİTAK BİLGEM OKTEM Page 35
36 Ongoing Evaluations (7 of 8) Datakom DTC-100 Digital Tachograph Vehicle Unit DATAKOM EAL 4+ (ATE_DPT.2, AVA_VAN.5) ITSEF: TÜBİTAK BİLGEM OKTEM Akgün Healthcare Information System AKGÜN Yazılım EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Secure IC Protection Profile EAL 5+ (ALC_DVS.2, AVA_VAN.5) ITSEF: TÜBİTAK BİLGEM OKTEM Page 36
37 Ongoing Evaluations (8 of 8) NCR e10 ENCORE EAL 2 ITSEF: TÜBİTAK BİLGEM OKTEM Page 37
38 Protection Profiles Completed 8 PPs have been certificed PP for Smart Card Access Device Firmware IP Cash Register PP Electronic Document and Records Management Software PP Protection Profile for Smart Meter of Turkish Electricity Advanced Metering Infrastructure Page 38
39 Protection Profiles Completed 8 PPs have been certificed New Generation Cash Register Fiscal Application Software New Generation Cash Register Fiscal Application Software v1.8 New Generation Cash Register Fiscal Application Software v2.0 New Generation Cash Register Fiscal Application Software-2 v1.3 Page 39
40 On-going Protection Profiles 11 PPs are under development Page 40
41 Projects within the Scope of Cyber Security Site Security Certification Two external experts worked for this project Providing the certification of developing campus of products subjects to Common Criteria Certification An approach to reduce cost and time for CC Page 41
42 Projects within the Scope of Cyber Security First Level Security Certification Two external expert worked for this project A security evaluation program aiming simple,fast and effective evaluation Evaluation time is normally 35 man/days. Total time is 8 weeks for certification. Page 42
43 Projects within the Scope of Cyber Security Healthcare Information Management Systems PP Six external experts (in different disciplines) have been working for this project Providing a standardization on Health Informatics Systems PP is being evaluated Page 43
44 Projects within the Scope of Cyber Security Secure GIS (Geographic Information Systems) Protection Profile Two external experts have been working for this project Providing a standardization on Geographic Informatics Systems and determining minimum security requirements Page 44
45 Projects within the Scope of Cyber Security Preparing Test Criteria and Security Requirements for Biometric Products One Internal,Six external experts have been working for this project Contribution of the Establishment Turkish National Police Developing new generation biometric sensor,implementing attacks and detecting countermeasures by developing test methods Determining minimum security requriments for biometric products Preparing Protectection Profile for Biometric Products Page 45
46 Projects within the Scope of Cyber Security Cloud Computing Standard, Security Criteria Two external experts have been working for this project Developing Cloud IT standard and criteria by analysing security risks,assests. Page 46
47 Projects within the Scope of Cyber Security Ethical Hacker Certification Evaluating staff and companies which do penetration tests in terms of administrative criteria Checking if white hat hackers provide criteria or not In the scope of this certification program has been determined administrative and technical criteria for penetration tests and testers Page 47
48 Secure IC PP Projects within the Scope of Cyber Security One external expert Determining criteria for execution and storage of the embedded OS,data storage and communication with external work. Page 48
49 Projects within the Scope of Cyber Security Health Management Systems PP Five external expert Determining minimum security criteria for web-based health information sytems application software Page 49
50 Projects within the Scope of Cyber Security Pardus Migration Expert Certification Evaluating staff which manage migration to Pardus OS in governmental organizations Page 50
51 Projects within the Scope of Cyber Security Computer Forensics Experts Certification Evaluating staff and companies which do forensics examinations Project include Ministry of Justice, General Directorate of Police Page 51
52 SCS-TURKEY SMART CARD SECURITY TURKEY CONSOURTIUM, December 2012 SCS-Turkey`s Members: TSE-CCCS TÜBİTAK BİLGEM UEKAE (Smart Card Developers) TÜBİTAK BİLGEM OKTEM (ITSEF) 3 UNIVERSITIES Many developers Page 52
53 To summarise CC; 34 products certified 8 PPs are certified 32 ongoing products 11 PPs are being developed More contacts with national & international vendors Page 53
54 CRYPTO MODUL VALIDATION PROGRAM & CRYPTO ALGORITHM VALIDATION PROGRAM TSE-CMVP TSE-CAVP, Turkey ISO/IEC and ISO/IEC Crypto Modul Evaluation and Certifications Approved labs. Epoche & Espri Tübitak Bilgem OKTEM Cygnacom METU Cryptology Lab. Page 54
55 THANK YOU Mariye Umay AKKAYA Zümrüt Müftüoğlu Mustafa YILMAZ- Turkish Standards Institution IT & Common Criteria Certification Scheme, TURKEY 55
TURKISH COMMON CRITERIA CERTIFICATION SCHEME TSE-CCCS TURKISH NATIONAL UPDATE, 2013
TURKISH COMMON CRITERIA CERTIFICATION SCHEME TSE-CCCS TURKISH NATIONAL UPDATE, 2013 Mariye Umay Akkaya Director of TK`s CB 14 th ICCC,10.09.2013,Orlando TURKISH COMMON CRITERIA CERTIFICATION SCHEME-2013
More informationLearn from the Expert Observation during Shadow Certification Assessment
Ministry of Science, Technology and Innovation Learn from the Expert Observation during Shadow Certification Assessment Nor Radziah Jusoh Malaysian Common Criteria Certification Body (MyCB) 22 July 2010
More informationCertification Report
Certification Report EAL 4+ (AVA_VAN.5) Evaluation of ID&Trust Ltd. HTCNS Applet v1.03 issued by Turkish Standards Institution Common Criteria Certification Scheme Certificate Number: 21.0.01/TSE-CCCS-29
More informationUpdate Update on the Spanish Evaluation and Certification Scheme
Spanish Certification Body Update Update on the Spanish Evaluation and Certification Scheme Head of the Certification Body September 2008 Contents Intro to the CCN & the SP Scheme SP CB Status in CCRA
More informationCertification Report
Certification Report EAL 4+ (ALC_DVS.2) Evaluation of TÜBİTAK BİLGEM Protection Profile for Application Firmware of Secure Smartcard Reader for National Electronic Identity Verification System issued by
More information22 July, 2010 IT Security Center (ISEC) Information-technology Promotion Agency (IPA) Copyright 2010 Information-Technology Promotion Agency, Japan 1
22 July, 2010 IT Security Center (ISEC) Information-technology Promotion Agency (IPA) Copyright 2010 Information-Technology Promotion Agency, Japan 1 Introduction of IPA Copyright 2010 Information-Technology
More informationCertification Report
Certification Report EAL 2 Evaluation of Revenue Administration Department of Turkey/Gelir İdaresi Başkanlığı Common Criteria Protection Profile for New Generation Cash Register Fiscal Application Software-2
More informationCertification Report. NXP Secure Smart Card Controller P40C012/040/072 VD
TÜV Rheinland Nederland B.V. Version 20101101 Certification Report NXP Secure Smart Card Controller P40C012/040/072 VD Sponsor and developer: NXP Semiconductors Germany GmbH, Business Unit Identification
More informationTechnical Security in Smart Metering Devices: A German Perspective S4 SCADA Security Scientific Symposium 2012-01-18, Miami Beach FL / USA
Technical Security in Smart Metering Devices: A German Perspective S4 SCADA Security Scientific Symposium 2012-01-18, Miami Beach FL / USA Dr. Stephan Beirer s.beirer@gai-netconsult.de Sichere ebusiness
More informationCertification Report
Certification Report EAL 4+ (ALC_FLR.2) Evaluation of TÜBİTAK BİLGEM UEKAE ELEKTRONİK SERTİFİKA YÖNETİM ALTYAPISI (ESYA)- ELECTRONIC CERTIFICATE MANAGEMENT INFRASTRUCTURE v2.0 issued by Turkish Standards
More informationCERTIFIED. SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA
CERTIFIED SECURE SOFTWARE DEVELOPMENT with COMMON CRITERIA CONTENT CC IN A NUTSHELL CC BACKGROUND AIM AND GOAL OF CC ADVANTAGES OF CC WHY DO WE RECOMMEND CC TO DEVELOPERS? WHEN IS CC THE RIGHT CHOICE?
More informationCitrix NetScaler Platinum Edition Load Balancer Version 10.5 running on MPX 9700-FIPS, MPX 10500-FIPS, MPX 12500-FIPS, MPX 15500-FIPS appliances
122 CERTIFICATION REPORT No. CRP294 Citrix NetScaler Platinum Edition Load Balancer Version 10.5 running on MPX 9700-FIPS, MPX 10500-FIPS, MPX 12500-FIPS, MPX 15500-FIPS appliances Issue 1.0 November 2015
More informationMalaysian Common Criteria Evaluation & Certification (MyCC) Scheme Activities and Updates. Copyright 2010 CyberSecurity Malaysia
Malaysian Common Criteria Evaluation & Certification (MyCC) Scheme Activities and Updates Copyright 2010 CyberSecurity Malaysia Agenda 1. Understand Why we need product evaluation and certification ICT
More informationCommon Criteria. Introduction 2014-02-24. Magnus Ahlbin. Emilie Barse 2014-02-25. Emilie Barse Magnus Ahlbin
Common Criteria Introduction 2014-02-24 Emilie Barse Magnus Ahlbin 1 Magnus Ahlbin Head of EC/ITSEF Information and Security Combitech AB SE-351 80 Växjö Sweden magnus.ahlbin@combitech.se www.combitech.se
More informationCertification Report - Firewall Protection Profile and Firewall Protection Profile Extended Package: NAT
Template: CSEC_mall_doc.dot, 7.0 Ärendetyp: 6 Diarienummer: 14FMV10188-21:1 Dokument ID CB-015 HEMLIG/ enligt Offentlighets- och sekretesslagen (2009:400) 2015-06-12 Country of origin: Sweden Försvarets
More informationProtection Profile for UK Dual-Interface Authentication Card
Protection Profile for UK Dual-Interface Authentication Card Version 1-0 10 th July 2009 Reference: UNKT-DO-0002 Introduction This document defines a Protection Profile to express security, evaluation
More informationSpillemyndigheden s Certification Programme Instructions on Penetration Testing
SCP.04.00.EN.1.0 Table of contents Table of contents... 2 1 Objectives of the... 3 1.1 Scope of this document... 3 1.2 Version... 3 2 Certification... 4 2.1 Certification frequency... 4 2.1.1 Initial certification...
More informationJoint Interpretation Library. Security Evaluation and Certification of Digital Tachographs
Joint Interpretation Library Security Evaluation and Certification of Digital Tachographs JIL interpretation of the Security Certification according to Commission Regulation (EC) 1360/2002, Annex 1B Version
More informationCertification Report
Certification Report EAL 2+ Evaluation of Symantec Endpoint Protection Version 12.1.2 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and
More informationApplying Common Criteria to a cloud type payment service
1 Applying Common Criteria to a cloud type payment service Kenji Yamaya ECSEC Laboratory Inc. 2 Evaluation of a cloud system Tablet internet cloud Newly developed terminal products Mobile POS Smart Phone
More information(BDT) BDT/POL/CYB/Circular-002. +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int
2011 15 (BDT) BDT/POL/CYB/Circular-002 +41 22 730 6057 +41 22 730 5484 cybersecurity@itu.int 2008 2010 2010 International Telecommunication Union Place des Nations CH-1211 Geneva 20 Switzerland Tel: +41
More informationGeneral Requirements for Accreditation of ASNITE. Testing Laboratories of Information Technology. (The 12th Edition) November 1, 2014
TIRP21 General Requirements for Accreditation of ASNITE Testing Laboratories of Information Technology 1/43 (Tentative Translation) Accreditation - Department - TIRP21 ASNITE Test IT Publication Document
More informationLessons learnt in writing PP/ST. Wolfgang Killmann T-Systems
Lessons learnt in writing PP/ST Wolfgang Killmann T-Systems Overview of the talk Lessons learnt in writing PP/ST Practical experience of PP/ST writing Issues with and suggestions for PP/ST writing Conformance
More informationJoint Interpretation Library. Guidance for smartcard evaluation
Joint Interpretation Library Guidance for smartcard evaluation Version 2.0 February 2010 Table of content 1. REFERENCES 5 2. OBJECTIVE 6 3. SMARTCARD PRODUCT PRESENTATION AND DEFINITIONS 7 3.1. Glossary
More informationBSI-DSZ-CC-S-0035-2014. for. GLOBALFOUNDRIES Singapore Pte. Ltd. GLOBALFOUNDRIES Singapore Pte. Ltd.
BSI-DSZ-CC-S-0035-2014 for GLOBALFOUNDRIES Singapore Pte. Ltd. of GLOBALFOUNDRIES Singapore Pte. Ltd. BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49
More informationBuild a CC assurance package dedicated to your risk assessment. Francois GUERIN Security Program Manager francois.guerin@gemalto.
Build a CC assurance package dedicated to your risk assessment Francois GUERIN Security Program Manager francois.guerin@gemalto.com Gemplus & Axalto merge into Gemalto 1.7 billion in combined pro-forma
More informationMINISTERIO DE DEFENSA CENTRO NACIONAL DE INTELIGENCIA CENTRO CRIPTOLÓGICO NACIONAL ORGANISMO DE CERTIFICACIÓN
REF: 2010-22-INF-764 V1 Distribution: Expediente Date: 21.11.2011 Created: CERT3 Reviewed: CALIDAD Approbed: TECNICO CERTIFICATION REPORT FOR FOR HUAWEI INTEGRATED MANAGEMENT APPLICATION PLATFORM VERSION
More informationOpen Smart Card Infrastructure for Europe
Open Smart Card Infrastructure for Europe v2 Volume 8: Part 3-1: Authors: Security and Protection Profiles (Common Criteria Supporting Document) eesc TB3 Protection Profiles, Security Certification NOTICE
More informationCertification Report
Certification Report EAL 4+ Evaluation of Entrust Authority Security Manager and Security Manager Administration v8.1 SP1 Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationOracle Business Intelligence Enterprise Edition (OBIEE) Version 10.1.3.3.2 with Quick Fix 090406 running on Oracle Enterprise Linux 4 update 5 x86_64
122-B CERTIFICATION REPORT No. CRP250 Business Intelligence Edition (OBIEE) Version 10.1.3.3.2 with Quick Fix 090406 running on update 5 Issue 1.0 June 2009 Crown Copyright 2009 All Rights Reserved Reproduction
More informationCitrix Password Manager, Enterprise Edition Version 4.5
122-B COMMON CRITERIA CERTIFICATION REPORT No. CRP235 Citrix Password Manager, Enterprise Edition Version 4.5 running on Microsoft Windows and Citrix Presentation Server Issue 1.0 June 2007 Crown Copyright
More informationThe Significance of Common Criteria, Protection Profiles, and Lumeta IPsonar
Lumeta IPsonar 5.5C The Significance of Common Criteria, Protection Profiles, and Lumeta IPsonar The aim of the new Common Criteria is to ensure that commercial enterprise security products represent a
More informationMINISTERIO DE DEFENSA CENTRO NACIONAL DE INTELIGENCIA CENTRO CRIPTOLÓGICO NACIONAL ORGANISMO DE CERTIFICACIÓN
REF: 2008-02-INF-357 V1.0 Distribution: Public Date: 27.07.2009 Created: CERT8 Reviewed: TECNICO Approved: JEFEAREA CERTIFICATION REPORT FOR Microsoft SDK for Open XML Formats v1.0 Dossier: 2008-02 Ms
More informationBSI-DSZ-CC-S-0040-2015. for. Dream Chip Technologies GmbH Germany. Dream Chip Technologies GmbH
BSI-DSZ-CC-S-0040-2015 for Dream Chip Technologies GmbH Germany of Dream Chip Technologies GmbH BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49 (0)228
More informationSpillemyndigheden s Certification Programme Instructions on Penetration Testing
SCP.04.00.EN.1.0 Table of contents Table of contents... 2 1 Introduction... 3 1.1 Spillemyndigheden s certification programme... 3 1.2 Objectives of the... 3 1.3 Scope of this document... 4 1.4 Definitions...
More informationJoint Interpretation Library. ETR-lite for composition : Annex A Composite smartcard evaluation : Recommended best practice. IC and ES composition
ETR-lite for composition : Annex A Composite smartcard evaluation : Recommended best practice IC and ES composition Version 1.2 March 2002 ETR-lite for Composition Annex A Table of Contents 1. Foreword...
More informationNew-Age Undergraduate Programme
New-Age Undergraduate Programme B. Tech Cloud Technology & Information Security (4 Year Full Time Programme) Academic Year 2015 Page 1 Course Objective This unique B. Tech course provides dual career options
More informationBSI-DSZ-CC-0889-2013. for. tru/cos tacho v1.1. from. Trueb AG
BSI-DSZ-CC-0889-2013 for tru/cos tacho v1.1 from Trueb AG BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach 20 03 63, D-53133 Bonn Phone +49 (0)228 99 9582-0, Fax +49 (0)228 9582-5477,
More informationESKISP6054.01 Conduct security testing, under supervision
Overview This standard covers the competencies required to conduct security testing under supervision. In order to contribute to the determination of the level of resilience of an information system to
More informationSmarter Security for Smarter Local Government. Craig Sargent, Solutions Specialist
Smarter Security for Smarter Local Government Craig Sargent, Solutions Specialist SUMMARY 1 Trustwave and SpiderLabs 2 Penetration Testing 3 Web Application Firewall (WAF) 4 Security Information & Event
More informationCertification Report
Certification Report EAL 3+ Evaluation of RSA envision platform v4.0 SP 1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationSpillemyndigheden s Certification Programme Instructions on Vulnerability Scanning
SCP.05.00.EN.1.0 Table of contents Table of contents... 2 1 Objectives of the... 3 1.1 Scope of this document... 3 1.2 Version... 3 2 Certification... 3 2.1 Certification frequency... 3 2.1.1 Initial certification...
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationCertification Report
Certification Report EAL 2+ Evaluation of McAfee Email and Web Security Appliance Version 5.5 Patch 2 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria
More informationEmbedded Java & Secure Element for high security in IoT systems
Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product
More informationCommittees Date: Subject: Public Report of: For Information Summary
Committees Audit & Risk Management Committee Finance Committee Subject: Cyber Security Risks Report of: Chamberlain Date: 17 September 2015 22 September 2015 Public For Information Summary Cyber security
More informationNEW AND GLOBAL + OLD APPROACH PRODUCT LEGISLATION: A. Standard questionnaire to be filled for each sector individually:
IV. NEW AND GLOBAL + OLD APPROACH PRODUCT LEGISLATION: A. Standard questionnaire to be filled for each sector individually: Sector: Noise emission in the environment by equipment for use outdoors Directive
More informationOracle Identity and Access Management 10g Release 10.1.4.0.1 running on Red Hat Enterprise Linux AS Release 4 Update 5
122-B CERTIFICATION REPORT No. CRP245 Oracle Identity and Access Management 10g Release 10.1.4.0.1 running on Red Hat Enterprise Linux AS Release 4 Update 5 Issue 1.0 June 2008 Crown Copyright 2008 Reproduction
More informationUK IT SECURITY EVALUATION AND CERTIFICATION SCHEME
UK IT SECURITY EVALUATION AND CERTIFICATION SCHEME 122-B CERTIFICATION REPORT No. P149 CHECK POINT VPN-1/FIREWALL-1 Issue 1.0 January 2001 Crown Copyright 2001 Reproduction is authorised provided the report
More informationBellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
More informationDeveloping a new Protection Profile for (U)SIM UICC platforms. ICCC 2008, Korea, Jiju Septembre 2008 JP.Wary/M.Eznack/C.Loiseaux/R.
Developing a new Protection Profile for (U)SIM UICC platforms ICCC 2008, Korea, Jiju Septembre 2008 JP.Wary/M.Eznack/C.Loiseaux/R.Presty Project Background A Protection Profile for (U)SIM Security Requirements
More informationC015 Certification Report
C015 Certification Report NexCode National Security Suite Release 3 File name: Version: v1a Date of document: 15 June 2011 Document classification: For general inquiry about us or our services, please
More informationAustralasian Information Security Evaluation Program
Australasian Information Security Evaluation Program Certification Report Certificate Number: 2009/54 2 June 2009 Version 1.0 Commonwealth of Australia 2009. Reproduction is authorised provided that the
More informationi Network, Inc Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time.
Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time. 2 Barry Brueseke (619) 401 7334 www.inetwork west.com 4/3/2014 IEEE Cyber Security Workshop
More informationCertification Report
Certification Report HP Network Automation Ultimate Edition 10.10 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCertification Report
Certification Report EAL 4 Evaluation of SecureDoc Disk Encryption Version 4.3C Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification
More informationElectronic Document and Records Management System Protection Profile
Electronic Document and Records Management System Protection Profile Version 1.3.1 TURKISH STANDARDS INSTITUTION May 2014 1 DEVELOPERS Muhammed Rasit Ozdas Feyzullah Koray Atsan CONTRIBUTORS Mevlut Kus
More informationEPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION
COMMON CRITERIA PROTECTION PROFILE EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION Draft Version 1.0 TURKISH STANDARDS INSTITUTION TABLE OF CONTENTS Common Criteria Protection Profile...
More informationProtection Profile Digital Tachograph Vehicle Unit (VU PP) Version 1.0 BSI-CC-PP-0057-2010
Protection Profile Digital Tachograph Vehicle Unit (VU PP) Version 1.0 BSI-CC-PP-0057-2010 Dipl.-Phys. Certification Federal Office for Information Security (BSI), Germany Topics of VU-PP CC 3.1 R3 Overview
More informationCertification Report StoneGate FW/VPN 5.2.5
Ärendetyp: 6 Diarienummer: 11FMV3127-87:1 Dokument ID HEMLIG/ enligt Offentlighets- och sekretesslagen (2009:400) 2012-01-23 Country of origin: Sweden Försvarets materielverk Swedish Certification Body
More informationSupporting Document Guidance. Smartcard Evaluation. February 2010. Version 2.0 CCDB-2010-03-001
Supporting Document Guidance Smartcard Evaluation February 2010 Version 2.0 CCDB-2010-03-001 Foreword This is a supporting document, intended to complement the Common Criteria and the Common Evaluation
More informationSmartcard IC Platform Protection Profile
Smartcard IC Platform Protection Profile Version 1.0 July 2001 developed by Atmel Smart Card ICs Hitachi Europe Ltd. Infineon Technologies AG Philips Semiconductors Registered and Certified by Bundesamt
More informationISO 27001 Information Security Management Services (Lot 4)
ISO 27001 Information Security Management Services (Lot 4) CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. LHIS TECHNICAL ASSURANCE SERVICES... 3 3. SERVICE OVERVIEW... 4 4. EXPERIENCE...
More informationSupporting Document Guidance. ETR template for composite evaluation of Smart Cards and similar devices. September 2007. Version 1.
Supporting Document Guidance ETR template for composite evaluation of Smart Cards and similar devices September 2007 Version 1.0 Revision 1 CCDB-2007-09-002 Foreword This is a supporting document, intended
More informationExperience In Achieving MS ISO/IEC 17025 Accreditation Under Laboratory Accreditation Scheme Of Malaysia (SAMM)
Experience In Achieving MS ISO/IEC 17025 Accreditation Under Laboratory Accreditation Scheme Of Malaysia (SAMM) Noraini Abdul Rahman CyberSecurity Malaysia MySEF, Department of Security Assurance 22 July
More informationCertification Report
Certification Report McAfee Network Security Platform v7.1 (M-series sensors) Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationCFIR - Finance IT 2015 Cyber security September 2015
www.pwc.dk Cyber security Audit. Tax. Consulting. Our global team and credentials Our team helps organisations understand dynamic cyber challenges, adapt and respond to risks inherent to their business
More informationApplication of ALC requirements to Open Source projects
Application of ALC requirements to Open Source projects Christophe BLAD 1 ICCC 2012 Paris CESeCore Open Source library for digital signature and PKI services https://www.cesecore.eu Signature Key generation
More informationInformation Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276
Information Security Standards by Dr. David Brewer Gamma Secure Systems Limited Diamond House, 149 Frimley Road Camberley, Surrey, GU15 2PS +44 1276 702500 dbrewer@gammassl.co.uk Agenda Background and
More informationCertification Report
Certification Report EAL 4+ Evaluation of ncipher nshield Family of Hardware Security Modules Firmware Version 2.33.60 Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationAustralasian Information Security Evaluation Program
Australasian Information Security Evaluation Program Certification Report Certificate Number: 2010/71 10 Dec 2010 Version 1.0 Commonwealth of Australia 2010. Reproduction is authorised provided that the
More informationCertification Report
Certification Report EAL 4+ Evaluation of WatchGuard Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government of
More informationHow To Evaluate Watchguard And Fireware V11.5.1
Certification Report EAL 4+ Evaluation of WatchGuard and Fireware XTM Operating System v11.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
More informationAGENDA ITEM 15-16 : ELECTRONIC SIGNATURE
SCREENING CHAPTER 10 Country Session: 13- Content Legislation Main Points of Turkish Electronic Signature Legislation Electronic Certificate Service Providers and Market Standardization Aspect of Electronic
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationSAMSUNG SDS FIDO Server Solution V1.1 Certification Report
KECS-CR-15-73 SAMSUNG SDS FIDO Server Solution V1.1 Certification Report Certification No.: KECS-ISIS-0645-2015 2015. 9. 10 IT Security Certification Center History of Creation and Revision No. Date Revised
More informationGlobal Knowledge Cybersecurity Training
Cybersecurity Training Your Solution for a Skilled Cyber Workforce Whether it s general cybersecurity awareness, secure network design and implementation, continuous monitoring, network forensics and analysis,
More informationSecure egovernment Where convenience meets security. www.infineon.com/ccs
Secure egovernment Where convenience meets security www.infineon.com/ccs Gaining transparency Electronic ID documents replace and enhance conventional ID documents that governments have been issuing for
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationCERTIFICATION REPORT No. CRP253
122-B CERTIFICATION REPORT No. CRP253 Citrix NetScaler Platinum Edition Load Balancer Version 9.1 (Build 100.3.cl) running on NetScaler 9010 FIPS, MPX 7000 platform, MPX 9000 platform, MPX 10000 platform
More informationJTEMS A Community for the Evaluation and Certification of Payment Terminals
JTEMS A Community for the Evaluation and Certification of Payment Terminals Jürgen Blum, Federal Office for Information Security (BSI), Germany 14 th ICCC, USA Outline Brief overview: What is JTEMS? Who
More informationCERTIFICATION REPORT
REF: 2011-11-INF-837 v1 Target: Público Date: 17.04.2012 Created by: CERT8 Revised by: CALIDAD Approved by: TECNICO CERTIFICATION REPORT File: 2011-11 KONA 102J1 epassport EAC v1.1 Applicant: KEBTechnology
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. Next Generation Privileged Identity Management Control and Audit Privileged Access Across Hybrid Cloud Environments Ken Ammon, Chief Strategy Officer Who We Are Security software company
More informationTelecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT
Telecom Testing and Security Certification A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT 1 Need for Security Testing and Certification Telecom is a vital infrastructure
More informationGlobal Knowledge Cybersecurity Training
Cybersecurity Training Your Solution for a Skilled Cyber Workforce Whether it s general cybersecurity awareness, secure network design and implementation, continuous monitoring, network forensics and analysis,
More informationTest vehicle tool to assess candidate ITSEF s competency
Test vehicle tool to assess candidate ITSEF s competency September 28, 2011 Takayuki TOBITA IT Security Center (ISEC) Information-technology Promotion Agency, JAPAN (IPA) 1 Common Criteria Scheme in Japan
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationCertification Report
Certification Report EAL 2+ Evaluation of Symantec Endpoint Protection Version 11.0 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification
More informationC033 Certification Report
C033 Certification Report Mobile Billing System File name: Version: v1a Date of document: 15 June 2011 Document classification: For general inquiry about us or our services, please email: mycc@cybersecurity.my
More informationJort Kollerie SonicWALL
Jort Kollerie Cloud 85% of businesses said their organizations will use cloud tools moderately to extensively in the next 3 years. 68% of spend in private cloud solutions. - Bain and Dell 3 Confidential
More informationBSI-DSZ-CC-0678-2011. for. Microsoft Forefront Unified Access Gateway 2010 (CC) Version / Build 4.0.1752.10000. from. Microsoft Corporation
BSI-DSZ-CC-0678-2011 for Microsoft Forefront Unified Access Gateway 2010 (CC) Version / Build 4.0.1752.10000 from Microsoft Corporation BSI - Bundesamt für Sicherheit in der Informationstechnik, Postfach
More informationKorea IT Security Evaluation and Certification Scheme
Korea IT Security Evaluation and Certification Scheme 2005. 9. 28 Korea Certification Body Dae Ho, Lee Agenda I KECS Introduction II Role and Responsibility of CB III Evaluation and Certification Procedure
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationCompliance Services CONSULTING. Gap Analysis. Internal Audit
Compliance Services Gap Analysis The gap analysis is a fast track assessment to establish understanding on an organization s current capabilities. The purpose of this step is to evaluate the current capabilities
More informationIDENTITY ANYONE CAN TRUST
IDENTITY ANYONE CAN TRUST TRUST SERVICE PROVIDER SINCE 2002 SK provides full e-authentication and digital signature solutions for even the most demanding private and public services. We work on a level
More informationCertification Report
Certification Report EAL 3+ Evaluation of Rapid7 Nexpose Vulnerability Management and Penetration Testing System V5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian
More informationNew-Age Master s Programme
New-Age Master s Programme MCA (Information Security Management Services) (3 Year Full-Time Programme) Academic Year 2015 Page 1 Course Objective MCA (Information Security Management Services) This unique
More informationInvestor and Analyst Call
Investor and Analyst Call 11 June 2013 Dr. Stefan Hofschen Division President Chip Card & Security (CCS) Table of Contents Infineon Chip Card & Security Overview Differentiation and Technology Growth Drivers
More informationCERTIFICATION REPORT
REF: 2011-12-INF-1089 v1 Target: Expediente Date: 17.12.2012 Created by: CERT8 Revised by: CALIDAD Approved by: TECNICO CERTIFICATION REPORT File: 2011-12 POLYMNIE LDS BAC applet Applicant: B340709534
More information