Artikel und White Papers
Die Fachkenntnis unserer Mitarbeiterinnen und Mitarbeiter ist sehr gefragt: Sie gehören internationalen Kommissionen an, halten Vorträge auf Konferenzen und schreiben Bücher und Fachartikel.
Werfen Sie einen Blick auf die Liste von Vorträgen und Veröffentlichungen.
| Thema |
Event/ Medium |
Autor/ Sprecher |
|---|---|---|
FRITSA: Do You Understand How all of your IT Security Assurance Efforts fit Together?  mehr] |
ISSA Austin | Fiona Pattinson |
| atsec Newsletter China 12/2011 mehr] |
Newsletter | various |
FRITSA: Do You Understand How All of Your IT Security Assurance Efforts Fit Together?  mehr] |
ISSA Austin Meeting | Fiona Pattinson |
| Evaluating Third-Party Code: How Can It Be Trusted? mehr] |
12th ICCC | Cavness |
| From FIPS 140-2 to CC mehr] |
12th ICCC | Mao |
| Comparative Study Between the Chinese Standards and the Common Criteria mehr] |
12th ICCC | Mao, Chen, Liu |
| Fighting the Bean Counters mehr] |
12th ICCC | Krummeck |
| An Access Control Model for Applications on Mobile Devices using Common Criteria Certifications mehr] |
12th ICCC | Kurth, Huynh |
| atsec Newsletter USA 10/2011 mehr] |
Newsletter | various |
| atsec Newsletter China 09/2011 mehr] |
Newsletter | various |
| Linux security best practices for Linux server systems mehr] |
TechTarget | King Ables |
| Escrowed Data and the Digital Envelope mehr] |
Paper | King Ables |
| atsec Newsletter Germany 08/2011 mehr] |
Newsletter | various |
| atsec Newsletter China 06/2011 mehr] |
Newsletter | various |
| atsec Newsletter USA 07/2011 mehr] |
Newsletter | various |
| FIPS 140-2 Validation for Project Managers and Developers mehr] |
Presentation | Fiona Pattinson |
| atsec Newsletter Germany 04/2011 mehr] |
Newsletter | various |
| Penetration Testing as an Auditing Tool mehr] |
ISACA Austin Meeting | Jeremy Powell |
| Payment Card Industry Assessments & Privacy mehr] |
IAPP Austin | Pattinson |
| atsec Newsletter USA 02/2011 mehr] |
Newsletter | various |
| atsec Newsletter Germany 01/2011 mehr] |
Newsletter | various |
| Inherent Problems in the Information Technology Supply Chain mehr] |
Poster for 26th ACSAC | Courtney Cavness |
| Inherent Problems in the Information Technology Supply Chain mehr] |
26th ACSAC poster session | Courtney Cavness |
| SIEM – Ein Praxisbericht mehr] |
16. DFN Workshop 2009 | Wimmer, Hofherr |
| S(I|E)M – Ein Praxisbericht mehr] |
White paper | Wimmer, Hofherr |
| atsec Newsletter USA 12/2010 mehr] |
Newsletter | various |
| atsec Newsletter China 11/2010 mehr] |
Newsletter | various |
| Building the IBM 4758 Secure Coprocessor mehr] |
IBM Research Publications | Weingart et al. |
| What to expect from a PCI QSA led assessment mehr] |
Presentation | Fiona Pattinson |
| Migrating to OSPP mehr] |
11th ICCC Conference | Krummeck, Penny, Robinson |
| Improving the Flexibility and Applicability of Protection Profiles mehr] |
11th ICCC Conference | Helmut Kurth |
| Becoming a CNAS Laboratory mehr] |
11th ICCC Conference | Yi Mao |
| Untrusted Developers: Code Integrity in a Distributed Development Environment mehr] |
ISSA Journal, vol. 8, no. 10, pp. 38-41. | Cavness, C., Kurth, H. & Mueller |
| Chipkarten im Gesundheitswesen. Technikfolgen-Abschätzung zur Sicherheit in der Informationstechnik. | Bundesamt f. Sicherheit i.d. Informationstechnik (BSI), 1995, 113 S.(Schriftenreihe zur IT-Sicherheit in der IT-Technik Band 5) (ISI-B-20-95) | Gerald Krummeck |
| Informationstechnik zur Fahrerunterstützung im Straßenverkehr. Technikfolgen-Abschätzung zur Sicherheit in der Informationstechnik. | Bundesamt f. Sicherheit i.d. Informationstechnik (BSI), 1995, 104 S. (Schriftenreihe zur IT-Sicherheit in der IT-Technik, Band 6) (ISI-B-21-95) | Gerald Krummeck |
| Eine Frage der inneren Sicherheit | Frankfurter Allgemeine Zeitung (1996) | Gerald Krummeck |
| Schlechte Karten für Schnüffler im Netz | vdi-Nachrichten (1996) | Gerald Krummeck |
| Firewalls – Anforderungen, Konzepte und Lösungen | unix / mail 14 | Gerald Krummeck |
| Pragmatische Umsetzung von Sicherheitspolitiken auf dem Weg ins Internet | 5. Deutscher IT-Sicherheitskongreß des BSI 1997 | Gerald Krummeck |
| Richtig investieren in die IT-Sicherheit | KES 3, Juli 2002 | Gerald Krummeck |
| Distributed Cache Index | Conference of Communication in Distributed Systems, Frankfurt (Germany), 1999 | Isabell Fouquet |
| atsec Newsletter Germany 09/2010 mehr] |
Newsletter | various |
| Untrusted Developers - Code Integrity in a Distributed Development Environment mehr] |
White Paper | Cavness, Kurth, Mueller |
| atsec Newsletter USA 07/2010 mehr] |
Newsletter | various |
| How Does Your Company’s Identity Security Compare with that of the Federal Government? mehr] |
ISSA Meeting | Auston Holt |
| Are You Prepared to Successfully Pass a PCI-DSS and/or a FISMA Certification Assessment? mehr] |
SHARE Conference | Pattinson |
| Security Assurance: Contrasting FISMA and ISO/IEC 27001 mehr] |
White Paper | Pattinson |
| atsec Newsletter USA 02/2010 mehr] |
Newsletter | various |
| Payment Card Industry Compliance For Large Computing Systems mehr] |
White Paper | various |
| atsec Newsletter Germany 12/2009 mehr] |
Newsletter | various |
| Beyond Common Criteria’s Mutual Recognition mehr] |
White Paper | Ochel |
| KVM Security Comparison mehr] |
White Paper | Mueller |
| Secure Network Zones mehr] |
ISSE 2009 | Wimmer |
| Evidence based Evaluations Chances and Challenges mehr] |
10th ICCC | Kurth |
| Trusting Virtual Trust mehr] |
10th ICCC | Powell |
| Taking White Hats to the Laundry: How to Strengthen Testing in CC mehr] |
10th ICCC | Vassilev |
| An Attack Surface based Approach to Evaluation mehr] |
10th ICCC | Kurth |
| Beyond Common Criteria’s Mutual Recognition mehr] |
White Paper | Ochel |
| atsec Newsletter Germany 08/2009 mehr] |
Newsletter | various authors |
| Assurance in Implementation Correctness of Cryptographic Algorithms Gained Through the NIST Cryptographic Algorithm Validation Program mehr] |
Whitepaper | Pattinson |
| Heiter bis Wolkig mehr] |
iX - 5/2009 | Mueller |
| Common Criteria: National Validation Scheme Differences: CCEVS, CSEC and BSI mehr] |
Whitepaper | Pattinson, Hake, Krummeck, Persson |
| Secure Coding Guidelines mehr] |
White paper | Shiralkar, Grove |
| Penetration Testing in der Praxis mehr] |
Talk at FH BRS | Wienzek |
FIPS 140-2 DTR XML Templates  mehr] |
ZIP archive | Masino |
| Introducing Assurance Measures for Security Target mehr] |
9th ICCC, Korea | Mao |
| Integration of Architectural Requirements into the CC Structure | 9th ICCC, Korea | Kurth, Pingel |
| Measuring the Effectiveness of a Security Development Process | 9th ICCC, Korea | Kurth, Grimm |
| Designing the Trusted Service Bus for EAL5 mehr] |
9th ICCC, Korea | Ochel |
| Comparison of CC Functionality & FISMA 800-53 Controls mehr] |
White paper | Fiona Pattinson |
| Using SCAP to Detect Vulnerabilities mehr] |
White paper | S. Weingart |
| Personal Brokerage of Web Service Access mehr] |
IEEE Security and Privacy, vol. 5, no. 5, pp. 24-31, Sept/Oct, 2007 | A. Vassilev |
Smart cards and the holy grail of Internet security  mehr] |
Keynote presentation at the International symposium on Recent Developments in Cryptography and Information Security, August 29-31, 2007 | A. Vassilev |
| Security benefits from OS virtualization: Real or Virtual? mehr] |
White paper | A. Vassilev |
| The futility of secrets? | Opinion, Information Security, p.10, March 2007 | A. Vassilev |
| Do Federal Security Regulations help? | Opinion, Information Security, p.10, January 2007 | A. Vassilev |
You say potayto, I say potato: Bridging PKI standards with a .NET smart card  mehr] |
E-Smart 2006, September, 2006, Sophia-Antipolis, French Riviera, France | A. Vassilev |
| Microsoft Smart Card Cryptographic Support with Cryptoflex .NET Smart Card | Cartes 2005 International Conference, Paris, France | A. Vassilev |
| Authentication Framework for Real People mehr] |
E-Smart 2004, September 22-24, 2004, Sophia-Antipolis, French Riviera, France | A. Vassilev |
| Examining the impact of .NET on smart card middleware | Software Architecture and Design Conference, Houston, Texas, September 8-10, 2003 | A. Vassilev |
| Authentication Framework for Smart Cards,” Lecture Notes In Informatics (Gesellschaft für Informatik Edition) | BIOSIG 2003: Biometrics and Electronic Signatures vol. P-31, 51-59, 2003. ISBN 3-88579-360-1 | A. Vassilev |
| Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defenses 2008 mehr] |
Whitepaper | Weingart |
| Operating System Evaluations - What security functionality is expected mehr] |
8th ICCC, Rome | Kurth, Farrel (IBM) |
| How To Eat A Mammoth mehr] |
8th ICCC, Rome | Krummeck |
| Economical Use of Formal Methods mehr] |
8th ICCC, Rome | Yi Mao |
| Secure System Design mehr] |
8th ICCC, Rome | Pattinson |
| CC in the Real World mehr] |
8th ICCC, Rome | Pattinson |
| XML-based Security Targets for tool-supported evaluations mehr] |
8th ICCC, Rome | Ochel |
| CC quick reference mehr] |
atsec document | Pattinson |
| Dumm gelaufen - Stromausfall am Wochenende mehr] |
Behoerdenspiegel, Germany | atsec GmbH |
| A quick quide to the Linux evaluations mehr] |
White Paper | Mueller, Pattinson |
| Certifying Information Security Management Systems mehr] |
White Paper | Fiona Pattinson |
| Wireless Intrusion Detection und Prevention Systeme – Ein Überblick mehr] |
BSI Kongress 2007, Bonn | Hofherr |
| Wireless Intrusion detection mehr] |
14. DFN-CERT Workshop "Sicherheit in vernetzten Systemen" | Hofherr |
| Common Criteria Certification in China: A comparison with the schemes of the CCRA mehr] |
atsec website | Kurth, Liu, Ochel, Pattinson, Li |
| How to Write Site Security Targets mehr] |
7th ICCC Conference, Lanzarote | Krummeck |
| Applying the Draft CC Version 3.0 to Linux - Experience from a Trial Evaluation mehr] |
7th ICCC Conference, Lanzarote | Kurth |
| Addressing consumer needs to increase the demand for Common mehr] |
7th ICCC Conference, Lanzarote | Ochel |
| IT Security Assurance and Common Criteria mehr] |
TickIT International | Pattinson |
| WLAN Sicherheit | Book, Heise Verlag | Hofherr |
| atsec publishes Content Description of PAS 56:2003 "Guide to business continuity management" mehr] |
atsec website | Rauer |
| Efficient CC Evaluations mehr] |
atsec website | Mueller |
| How Useful are Product Security Certifications for Users of Products? mehr] |
ZISC Information Security Colloquium SS 2005 | Kurth |
| Information Security Assurance - Why there's no single solution mehr] |
Information Storage + Security Journal | Pattinson |
| Deriving Security for Mixed IT System Architectures from Evaluated Products mehr] |
6th International Common Criteria Conference, Tokyo, 2005 | Ochel |
| "Aktuelle Erfahrungen mit der Evaluierung von Open Source Software" | Kurth | |
| Garantiert sicher - Evaluierung von IT-Sicherheit. mehr] |
iX Magazin für professionelle Informationstechnik, 05/2005 | Ochel |
| "BS 7799-2 and the CC" Supporting the Business of Software Development mehr] |
5th International Common Criteria Conference, Berlin, 09/2004 | Pattinson |
| The Evaluated Configuration - Defining a user-friendly Target of Evaluation mehr] |
5th International Common Criteria Conference, Berlin, 09/2004 | Mueller, Ochel |
| Increased information flow needs for high-assurance composite evaluations mehr] |
Second IEEE International Information Assurance Workshop, 2004 | Kurth |
| Security Assurance: Smart Cards and the Bigger Picture mehr] |
CardTech Secur tech, 2004 | Pattinson |
| Debian on Handheld Computers mehr] |
UKUUG Linux 2003 Conference, Edinburgh, Scotland, 2003 | Weidner |
| PKI soll sichere Kommunikation gewährleisten mehr] |
Magazin fuer professionelle Informationstechnik, 09/2001 | Ochel, Weissmann |
| e-business Risk Management with Tivoli Risk Manager mehr] |
IBM Redbook, 2001 | Wimmer |
| Revision control using RCS and vic mehr] |
Internal Training, 2001 | Weidner |
| Unix tools and software compilation mehr] |
Internal Training, 2001 | Weidner |
| Reflections on Trusting Trusted Third Parties | 23rd NISSC, Baltimore, 2000 | Kurth |
| KRISIS - Key Recovery in Secure Information Systems | The Open Group Security Program Group Meeting, Amsterdam, 1998 | Kurth |
| Business Use of Cryptography mehr] |
The Copenhagen Hearing, 1998 | Kurth |
| Falsch Verbunden - Gefahr durch DNS-Spoofing [dangers of DNS spoofing] mehr] |
c't, 10/1997 | Weidner |
| The Future of Electronic Commerce | 20th NISSC, Baltimore, 1997 | Kurth |
| Kabelsalat: Ethernet für Einsteiger mehr] |
Linux Magazin, 05/1996 | Weidner |
| Integration of Digital Signatures into the European Business Register | 19th NISSC, Baltimore, 1996 | Kurth |
| Security Assurance in Information Systems | S. K. Katsikas and D. Gritzalis (ed), Information Systems Security: Facing the Information Society of the of the 21st Centrury, Chapman & Hall, 1996 | Kurth |
| Proceedings of ESORICS `96 | ESORICS, Rome, 1996 | Kurth |
| Linux for Workgroups mehr] |
Linux Magazin, 08/1995 | Weidner |
| Security Assurance Issues for TTP Services | TEDIS EDITT Workshop, Barcelona, 1995 | Kurth u.a. |
| The TMach Experience | 18th NISSC, Baltimore, 1995 | Kurth |
| "Der Weihnachtsmann kommt nicht" (Software selbst installiert) | Linux Magazin, 12/1994 | Weidner |
| "Emacs-Zaubereien: GNU Calc" mehr] |
Linux Magazin, 11/1994 | Weidner |
| "Emacs-Zaubereien: gcc und gdb" | Linux Magazin, 10/1994 | Weidner |
| Security Evaluations in Practice | Panel, ESORICS, 1994 | Kurth |
| Apparent Differences Between the US TCSEC and the European ITSEC | 14th Nat'l Computer Security Conf., Washington, 1991 | Kurth |
| Formale Spezifikation und Verifikation - Ein Überblick | VIS, 1991 | Kurth |
| Security Apects in CALS | CALS Europe, 1990 | Kurth |
| Paper Output Labeling in a Dedicated System Running under MVS, Proceedings of the | 8th NCSC, Gaithersburg, 1985 | Kurth |
| Problem areas in electronic signatures mehr] |
7. Deutscher Präventionstag, Düsseldorf | Ochel |
| The AIX Survival Guide mehr] |
Addison-Wesley | Siegert |
