Common Criteria in the Cloud, Is This the End or Just the Beginning? (A22a)
The Common Criteria in the Cloud Technical Community (CCitC TC) has authored guidance for protection profile authors who wish to expand the scope of their... Read More
Extending the DBMS CPP: Embracing Cloud Architectures (A22b)
This talk explores the ongoing efforts to evolve and enhance the collaborative Protection Profile for Database Management Systems (cPP_DBMS) to support cloud architectures. It will... Read More
Methodology for Vulnerability Assessment in 5G Networks – the RAN Module Case Study (D22c)
Open Radio Access Network (Open-RAN) technology introduces disaggregation of RAN network functions, offering enhanced flexibility for extending hardware and software. The network may then be... Read More
How Common Criteria Can Be Optimized to Develop More Efficient Schemes (D22b)
The Common Criteria standard is often criticized for its costliness, time-consuming nature, excessive documentation requirements, and lack of objectivity. In this talk, the authors will... Read More
Leveraging EN 17927 for Streamlined IoT Security Compliance in the Face of Evolving EU Regulations (D22a)
In today’s rapidly evolving regulatory landscape, the need for robust IoT security has never been more critical. This talk will delve into the pivotal role... Read More
Building a Cybersecurity Certification Scheme From EN17640 Fit CEM (U21c)
EN 17640 (FiT CEM), a new evaluation methodology for IT products focused on penetration tests in a predefined time frame, is an efficient and effective... Read More
National Security Agencies—Time to Weigh-In on Legislation Affecting Security (U21b)
Countries around the world are considering and passing legislation that affects networks, data, and critical infrastructure. Even when the main thrust of the proposals is... Read More
US Scheme Update (U21a)
This talk provides an update on NIAP and CCRA, U.S. Scheme Updates, and NIAP Top Five Priorities for the upcoming year.
High Assurance Evaluations of Software-Only TOES (A21c)
High assurance evaluation of TOEs not included in known technical domains (Smartcards or security boxes) faces the additional challenge of creating evaluation, attack, and test... Read More