When

Thursday, March 20, 2025 - 2:00 PM (MST)
Vaclav Matyas
Professor
Department of Computer Systems and Communications
Masaryk University, Brno
"Sec-certs: Insights from the world of certified computer security products and systems"
ENGR 301

Abstract: My lecture will outline our study of the certified security product ecosystems – namely the Common Criteria and FIPS 140, involving over thousands of certified products. The backbone of our analyses is the analytical toolset sec-certs, unveiling compelling findings. Notably, 61% of smartcard-related items have certified dependencies, while only 3% of smartcard-unrelated products do. The transparent approach fosters trust and accountability, benefiting all stakeholders. The talk will discuss overcoming obstacles to automated processing and suggest enhancements for certification document preparation to bolster transparency.
Bio: Václav (Vashek) Matyáš is a professor at Masaryk University, Brno, heading its Centre for Research on Cryptography and Security. His research interests relate to applied cryptography and security; he has published over 200 peer-reviewed papers and articles. He worked also with Red Hat Czech, CyLab at Carnegie Mellon University, as a Fulbright-Masaryk Visiting Scholar at Harvard University, Microsoft Research Cambridge, University College Dublin, Ubilab at UBS AG, and as a Royal Society Postdoctoral Fellow with the Cambridge University Computer Lab. Vashek also worked on the Common Criteria and in ISO/IEC JTC1 SC27. He can be contacted at matyas AT fi.muni.cz.