ICMC Conference


May 8-11 Ottawa, Ontario, Canada

The International Cryptographic Module Conference is the leading annual event for global expertise in commercial cryptography. At the sixth annual edition of the conference, on May 8-11 in Ottawa, Ontario, Canada, over 400 industry leaders from over 22 countries will convene to address the unique challenges faced by those who develop, produce, test, specify, and use cryptographic modules, with a strong focus on standards such as FIPS 140-2, ISO/IEC 19790, and Common Criteria. The conference helps to foster a focused, organized community of users. ICMC reviews technical issues underlying cryptographic implementation including physical security, key management, side-channel analysis, open-source development, algorithm testing, quantum threats, embedded applications, standardization, validation programs, government policy, professional ethics, and more.

PrimeKey speakers


Martin Oczko: Traditional Hardware Security Models vs. Real World Requirements. Is There A Gap?

10 May, 15:30-16:00

Hardware-based security (HSMs, TPMs, smart cards, etc.) is a well-established concept, and a variety of hardware security modules of different flavours is available on the market. However, HSM technology hasn't changed during the last 10+ years, although the systems, deployment concepts and applications that it is meant to protect have changed massively. Cloud or outsourced deployments require a new level of integrity protection for the applications, IoT is bringing a new level of scalability requirements into the game, and new technology stacks for critical applications redefine the need for a secure execution environment that goes beyond protecting the cryptography part of the application.

This session will look at “the state of the nation” regarding hardware security and related technologies like cryptographic APIs or management schemes in the context of today's cloud computing, Industrial IoT, and critical applications. It will analyze current requirements and put the state of technology and certification schemes on a test bench based on practical experience from the last years. The session will also ask, and try to answer, questions like: Is PKCS#11 really best suited for cloud and Industrial IoT use cases? Is it really sufficient to protect only cryptographic keys in a hardware security module? Do we have a gap when it comes to certification schemes? Last but not least, the presentation will try to answer the question: Is the current state of hardware security technology, with its deployment models, APIs and management concepts, sufficient to address the requirements coming with the latest technology stacks, cloud technologies and IoT use cases?


Tomas Gustavsson: Case study on certification and audit of open source security software

11 May, 10:45-11:15, Ottawa salon 212

The EJBCA project started in 2001. Now in its 6th major version, it is used worldwide for a variety of use cases. We share experiences from the Common Criteria EAL4+ certification of open source software, and look at the value of CC certification in practice, putting it in the broader context of audit standards such as eIDAS/ETSI, CA/B Forum or WebTrust. We also look at integration with FIPS 140-2 certified HSMs using PKCS#11, and discuss some examples where the static nature of certifications is insufficient in practice.