MUNICH, Germany – Gerald Krummeck, Common Criteria Lab Director for atsec information security GmbH, will present a talk at the upcoming CeBIT 2007 show in Hannover. The topic is “Erfahrungen aus der Evaluierung komplexer Softwareprodukte nach Common Criteria” (“Experiences from the Common Criteria Evaluation of Complex Products”).
Discussion of complex evaluations is a natural topic for Mr. Krummeck, who as atsec Laboratory Director, has conducted many Common Criteria evaluations of operating systems and other complex products. In fact, of all the successful operating system evaluations performed worldwide as listed on the official Common Criteria Portal web site (www.commoncriteriaportal.org), nearly half were performed by atsec, including several at the rigorous evaluation assurance level (EAL) 4 or higher. Currently, atsec is in the process of evaluating several version of Linux on a range of hardware platforms, IBM z/OS v1R8, and several complex database products.
atsec has a long-standing international reputation in IT security standards. Mr. Krummeck has served as chairman of the X/Open security working group and has long been involved at the cutting edge of standards implementation. He currently is working with Bundesamt für Sicherheit in der Informationstechnik (BSI) in Germany to implement a site certification option within the Common Criteria program.
atsec is a Common Criteria security evaluation facility accredited and licensed by BSI in Germany, NVLAP (National Voluntary Laboratory Accreditation Program) for NIST CCEVS in the U.S., and provisionally by CSEC (Sveriges Certifieringsorgan för IT-säkerhet) in Sweden.
CeBIT is the world’s largest trade fair showcasing digital IT and telecommunications solutions for home and work environments. Mr. Krummeck will present his talk the afternoon of 21 March 2007.

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in January 2000 and has extensive international operations with offices in the US, Sweden, the UK, and China. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf. For more information please visit www.atsec.com.