Gianfranco Scherini
Business Development Manager
STMicroelectronics

Securing Digital Content – Art or Science

Today the risk of exposing confidential information is creating a growing concern not only among Corporations that have the mandate to protect secrets but also among Consumers and overall within our society. Every day we witness of attacks that explore any potential vulnerability that may exist through the network.

Up to now the response is still fragmented and in this vastly differentiated field of security solutions we are still lacking a standard that would act as a reference point that will determine the effectiveness of the system used to protect our data. Clearly the Task of mandating a security policy requires an extensive analysis since in Security it is the weakest link the one that determine the effectiveness of the whole chain.

Still nowadays often times the analysis starts with a base of nothing more than the self-certified claims provided by the promoting vendors. But in vast ecosystem like the one we live today there must be a convergence where products can be categorized by their level of security:

Hence the need for a Certified Security Level Equivalence, by which security levels of supply can be achieved from multiple vendors. Leveraging on the competences and the work done within the National Institute of Standards and Technology, NIST, that defined the set of Security Requirements for Cryptographic Modules, referred as FIPS140-2, STMicroelectronics is driving the convergence of definitions supported by unbiased measures taken and reviewed by regulated third part institutions.