Exhibitor Press Releases

Subpage Hero

  

09 Oct 2019

Utimaco HSM first to be Common Criteria EAL4+-certified according to eIDAS Protection Profile EN 419 221-5

eIDAS Protection Profile EN 419 221-5 “Cryptographic Module for Trust Services”
The German hardware security specialist was engaged with and contributed to the creation of the security requirements and protection profiles within the Technical Committee 224, Working Group 17 of the European Committee for Standardization (CEN).
Protection profiles (PP) according to the Common Criteria certification scheme define the requirements for information technology security functions. The eIDAS Protection Profile EN 419 221-5 was certified by an accredited evaluation laboratory in late 2017 and approved by the EU member states earlier this year. With this Protection Profile, CEN standardizes security requirements for cryptographic modules being used as Qualified Signature Creation Device (QSCD) according to the eIDAS regulation

Overview of eIDAS use cases supported by the certified Utimaco CryptoServer CP5 HSM (Source: Utimaco)
Certified security for a wide range of use cases
The principal aim of the eIDAS regulation is to facilitate a true digital single market in Europe.
The related services for electronic identification and trust services lend themselves to a
variety of use cases. These include
- strong website authentication and qualified certificates for sealing communications
based on the new PSD2 regulation for the banking and financial services industry,
- electronic seals for businesses to prove the origin and integrity of data and documents
issued by them,
- electronic signatures created either locally by the signatory, or remotely by a Trust
Service Provider (TSP) on behalf of the signatory. In the latter case, this involves a
Signature Activation Module (SAM) supported by a Hardware Security Module to build
a Qualified Signature Creation Device for server signing.
New business opportunities with existing and new partners
For Utimaco business partners, this recent certification opens up a wide range of business
opportunities, among which remote signing solutions. German-based IT service provider
Bank-Verlag, together with software developer achelos and Utimaco, is developing a Signature
Activation Module for banking applications. The service enables bank customers to generate
online signatures remotely and speeds up and simplifies processes such as signing contracts,
opening an account or issuing insurance policies. Ascertia, a global provider of digital
signature creation and verification solutions, will be using the Utimaco CP5 HSM within its
ADSS SAM Appliance, a remote QSCD currently undergoing CC EAL4+ certification against EN
419 241-2. There is great market interest in the powerful combination of Ascertia software
working with Utimaco HSMs to deliver eIDAS compliant remote signing.
“With eIDAS, the European Commission is looking to stimulate the digital market in Europe,”
says Malte Pollmann, CEO of Utimaco. “Being the first vendor certified according to Protection
Profile EN 419 221-5, Utimaco helps pave the way for compliant and highly secure trust
services. These ambitions are reflected in a number of current and upcoming partner
projects.”
Page 3 of 3
Proof of concept with the CryptoServer CP5 simulator
Several companies have already made use of the CryptoServer CP5 simulator for testing
purposes in the past months. One of these is Halcom, a provider for digital banking solutions
based in Slovenia. Having extensively tested the CP5 HSM’s functionalities with the help of the
simulator, Halcom is now able to kick-start the implementation of CryptoServer CP5 into its
solution and provide its customers with both secure and compliant trust services.
Luka Ribičič, Head of Halcom-CA, notes: “To be able to offer our clients eIDAS-compliant
solutions, cooperating with a trustworthy HSM provider was crucial. The CryptoServer CP5
simulator as well as the affordable price point were key factors in our decision for Utimaco.”

Loading

Sponsors

Diamond Sponsor

  • Threatlocker

 

Platinum Sponsors

  • PacificTech
  • Sophos

Zero Trust VIP Lounge Sponsor

  • beyondtrust

 

Keynote Theatre Sponsor

  • Crowdstrike

 

Theatre Sponsor

  • Microsoft

 

Gold Sponsors

  • Fortinet
  • Barracuda
  • Cloudbric
  • Darktrace
  • Devo

Gold Sponsors

  • Halodata
  • i-sprint
  • Keysight
  • Microsoft
  • Qualys

Silver Sponsors

  • Blackberry
  • Comforte
  • CDNetworks
  • Hackuity
  • Hillstone
  • Horangi
  • logon

Silver Sponsors

  • Flexxon
  • Internet & Idee
  • Illumio
  • Intel741
  • Imperva
  • Thales
  • wiz

Silver Sponsors

  • Carbonite
  • CDNetworks
  • MyRepublic
  • Sangfor
  • Seculetter

Silver Sponsors

  • Ivanti
  • Panorays
  • Mimecast
  • Radware
  • Privasec

 

Silver Sponsors

  • SonicWall
  • Tenable
  • Waterfall Security
  • XM Cyber

 

Silver Sponsors

  • Cysclae
  • Titanium

 

Bronze Sponsors

  • Scantist
  • Toffs Technologies
  • appView
  • Delinia
  • DT Asia
  • Firemon
  • Fortanix

Bronze Sponsors

  • Gatewatcher
  • Cloudnosys
  • Indeed ID
  • PowerDMARC
  • Utimaco
  • Wizlynx

 

Bronze Sponsors

  • Intigriti
  • Thomas Murray
  • Knit Technologies
  • Riskrecon
  • Securosys
  • Telescience
  • UCware

 

Bronze Sponsors

  • nexus
  • socly
  • techfindr
  • atakama

 

Bronze Sponsors

  • Endpoint Cososys
  • Prevalent
  • uSecure
  • Gigamon

 

Bronze Sponsors

  • Apricorn
  • Kanguru

 

Partners

Knowledge Partner

  • BICSI

News Distribution Partner

  • ACN Newswire

Associate Content Partner

  • Uptime Institute

Strategic SEO Partner

  • AdVantage

Strategic Event Partner

  • ISC2
  • Frost & Sullivan

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • ISACA
  • CSCIS
  • La French Tech
  • ASME
  • ERMA

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech
  • CHIME

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India
  • Crest

Media Partners

  • ACN Newswire
  • APAC CIO
  • APSM
  • Asia Blockchain Review
  • Asia Research News

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • CryptoNewsZ
  • ComputerWeekly.com
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO

Official Partner Hotel

  • MBS

Held In

  • SG

Supported By

  • SG

  • Hillstone