2
min reading time
This common criteria re-evaluation project of i4p-Informatika Ltd. was successfully completed thanks to professional cooperation between the client's developer team and CCLab's qualified evaluators.
The most recent versions of i4p's TRIDENT HSM and TRIDENT SAM (Signature Activation Module) have received their updated Common Criteria EAL 4+ certification. These devices have been improved in response to customer feedback and they now offer even more flexibility and ease-of-integration, as well as improved high-availability clustering options.
i4p is the first and only vendor to have attained certification against both the Protection Profile for Cryptographic Module for Trust Services (EN 419221-5) and for Server Signing (EN 419241-2). On top of that, our clients' solution is eIDAS-listed as a QSCD (Qualified Signature and Seal Creation Device). Therefore, this is the only one-vendor solution that already complies with the coming update in eIDAS regulation that will mandate not only the use of a QSCD for advanced and qualified remote signature & seals, but also a CC-certified SAM. It is also one of only 3 CC-certified SAM solutions in total, but again, TRIDENT RSS (HSM + SAM) is the only complete solution that was developed by one and the same development team.
Complex process, professional support
“In the case of safety certificates, the certification is valid only for the specific product version that has been tested by a laboratory under the control of the supervisory authority during the certification process. Each time a new version is released, the developer of the product is obliged to complete a similar certification process. This is a complex yet extremely important procedure, since this ensures our customers that the solution meets the stringent requirements. We are proud that we could obtain the certificate for Trident HSM v2.1 in a very short time, and we are especially pleased that we completed this process with a Hungarian partner, namely the independent information security laboratory CCLab”, said Zsolt Rózsahegyi, CEO of i4p.
“This re-evaluation project, which was successfully completed within only 4 months, wasn’t the first joint project with i4p-Informatika Ltd. Thanks to the well-prepared documents of the developers and the quick consideration of our observations during the evaluation process, we were able to complete the EAL4+ level compliance assessment by the expected deadline, within a good timeframe”, said Gábor Hornyák, CCLab Ltd’s Head of Laboratory.
The Common Criteria EAL4+ security certificate of i4p can be found here.
Learn everything you need to know for a successful Common Criteria certification project. Save costs and efforts with your checklist.
This downloadable infographics introduces the Common Criteria Evaluation process to you. Explore now for free.
Read and learn more about the Radio Equipment Directive (RED), download our free material now.
The EUCC scheme, spearheaded by the European Union Agency for Cybersecurity (ENISA), was released in early 2024. It builds on the SOG-IS Common Criteria evaluation framework already used by 17 EU Member States.
7
min reading time
ICT (Information and Communication Technology) products, encompassing a wide range of digital devices and software, are inherently vulnerable due to their complexity and the ever-present potential for undiscovered security flaws. The interconnected nature of these products further amplifies the risk, as a single vulnerability can lead to widespread security breaches across networks and systems. To mitigate these risks, the strategic integration of cybersecurity certification requirements in ICT products has become paramount.
8
min reading time
The new Common Criteria Scheme, called the European Cybersecurity Certification Scheme (EUCC), is essential for harmonizing high-security cybersecurity certification of ICT products across EU member states. It facilitates mutual recognition of certifications, supports innovation, and ensures compliance with legal requirements. Fully effective from February 2025, the EUCC aims to provide a unified and robust framework for evaluating IT products, boosting consumer trust, and fostering a more secure digital environment.
10
min reading time