Cryptsoft ServicesCryptsoft staff offer a wide range of training and development services. If you are looking for something and you don't see it listed here then contact us as only a small subset of our material is noted below.
Cryptsoft is accredited under GITC with company number Q-3572 for consulting and contracting services.
Cryptsoft is also a member of the Queensland Health PSA2000 ICT Contracting Services Panel.
FIPS140-2 High Level Overview and Tutorial
One day tutorial session covering the most important aspects of FIPS140-2 cryptographic module validation.
FIPS140-2 Requirements Analysis
Typically this service is provided after the engineering team has completed the FIPS140-2 High Level Overview and Tutorial.
Smartcard Technologies and Concepts
An overview of the various technologies used in smartcard systems and the associated infrastructure components needed to interact with and effectively deploy smartcard systems.
Public Key Infrastructure (PKI) Fundamentals
An overview of the technologies used in PKI systems and strategies needed to interact with and effectively deploy systems dependant on PKI .
Authentication and Authorisation (AA) Fundamentals
An overview of the technologies and approaches available for authentication and authorisation in a multi-vendor environment.
Hardware Security Module (HSM) Fundamentals
An overview of how to integrate HSMs into an overall security model in a pragmatic manner.
An overview of how to interact with securit tokens and HSMs via the PKCS#11 API.Find out more …
FIPS140-2 Preliminary Planning
Review of existing product documentation.
FIPS140-2 Validation Package Preparation
Preparation of materials required for a FIPS140-2 validation.
FIPS140-2 Testing Laboratory Liaison
Interface with the selected Testing Laboratory on behalf of the client.
FIPS140-2 Cryptographic Algorithm Validation Implementation
Assistance and/or implementation of cryptographic algorithm testing for specified algorithms. Includes assistance with review of required runtime tests which must be added to the client product.
FIPS140-2 Submission Package Review
Review of all submission material and assistance with updates to meet the current requirements of FIPS140-2.
FIPS140-2 Re-validation Preparation
For future product releases, revalidation can be straight forward or complicated depending on the nature of the changes to the cryptographic module since the previous release.
Smartcard Interfacing with Multi-Vendor Devices
Interfacing with the smartcard devices from a range of vendors on different platforms.
Smartcards and Embedded Platforms
Embedded platforms offer their own challenges when interfacing to smartcard systems as non-Win32 platforms often means interfacing directly at the APDU level.
Security Tokens - OTP
Integrating and deploying security tokens. One-Time-Password (OTP) devices based on proprietary or open systems.
- OATH - HOTP and TOTP.
- RSA SecurID.
- Soft Tokens (mobile phone)
Integration of wireless devices (including 802.11, ISO/IEC 14443, NFC, Mifare, Zigbee, others).
Public Key Infrastructure Planning
Deployment of smartcard based systems usually involves the creation of X.509 based digital certificates and the associated public key infrastucture for deployment, operation, and lifecycle management.Find out more …
Security Architecture Consulting
Review of existing and planned product from the point of view of the security implications from and architectural point of view.
Review of implemented product in terms of issues which need to be handled during implementation.
Review of product deployment in terms of issues which need to be handled during deployment.
Tools, techniques and strategies for improving the security of products during the design, development, and testing phases of the overall product lifecycle.Find out more …
Provision of audit services against the requirements of a range of standards and defacto-standards.Find out more …