Category Archives: Assurance

Embedded UICC – Konzept und Zertifzierbarkeit

Embedded UICC (eUICC) zielen auf den Einsatz in Machine-2-Machine Lösungen ab, bei denen die Auswahl des Mobilfunkbetreibers erst nach der Produktion erfolgt, aber zu diesem Zeitpunkt kein Zugang zum Produkt mehr möglich ist. Der Vortrag stellt den aktuellen Stand der … Continue reading

Posted in IT security, Assurance | Comments Off on Embedded UICC – Konzept und Zertifzierbarkeit

Secure delivery of certified products

Secure delivery is the process of transferring certified products to the user. Manipulation during this phase might be undetectable, e.g. implanting Advanced Persistent Threats. Even security domains that Common Criteria approaches rely on may be exploited. The paper assesses the … Continue reading

Posted in IT security, Assurance | Comments Off on Secure delivery of certified products

Smartphone Applications – Common Criteria is going mobile

International Common Criteria Conference, Paris, France. September 18-20, 2012. Smartphones are a growing, fast moving field of IT. Although smartphones and their applications are omnipresent and potentially violating security, its development cycle is not yet tackled by application evaluation thoroughly. … Continue reading

Posted in Assurance, Talks | Comments Off on Smartphone Applications – Common Criteria is going mobile

Zertifizierte IT-Sicherheit nach Common Criteria – ISO/IEC 15408

IEEE Passau Montag, 28. November 2011 Universität Passau, Raum 242 IM Der Common Criteria Katalog beschreibt Sicherheitsuntersuchungen von IT-Produkten. Der Vortrag streift die Anerkennung von Zertifizierungen, den Begriff der Prüftiefe sowie Schwachstellen-Analysen. Weiterführende Literatur: http://www.commoncriteria.org 12th International Common Criteria Conference, http://12iccc.cybersecurity.my/ http://www.bsi.bund.de AIS 41 – … Continue reading

Posted in Assurance, Talks | Comments Off on Zertifizierte IT-Sicherheit nach Common Criteria – ISO/IEC 15408

Integrating requirements into a Protection Profiles

Lessons learned from machine-readable travel documents (MRTD) PP consolidation 12th International Common Criteria Conference (12ICCC) 2011, Kuala Lumpur, Malaysia 28. September 2011 International standards provide the grounding for identity documents, like [ICAO 9303] for machine-readable travel documents (MRTD). Such products … Continue reading

Posted in Assurance, Talks | Comments Off on Integrating requirements into a Protection Profiles

Network security seminar, winter 2006/2007

Mario Achenbach, Sabine Gattermann, Rolf Karp, Thomas Krügl, Martin Kuchler, Andreas Lohrum, Johannes Ortanderl, Stefan Peters, Patrick Schönberger, Alex Tigaeru, Andreas Wölfl, Reinhold Zieringer University of Passau, Computer Networks & Communcations Network security has a tremendous impact on today’s operation … Continue reading

Posted in IT security, Assurance, Teaching | Comments Off on Network security seminar, winter 2006/2007

IT-Security seminar, summer 2006

Thomas Bernreiter, Andreas Busler, Andreas Fischer, Alberto Fuentes Pérez, Sebastian Huber, Pham Hai Dang Le, Wolfgang Pfnür, Kerstin Renner, Mario Scheu, Alexander Stenzer University of Passau, Computer Networks & Communcations IT-Security is a complex, many-faced topic. Its importance requires considerations … Continue reading

Posted in IT security, Assurance, Teaching | Comments Off on IT-Security seminar, summer 2006